Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 6.0.15 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0002
Apache Tomcat 6.0.0 up to and including 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote malicious users to obtain sensitive information, as demonstrated by disconnecting during this pro...
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
Apache Tomcat 6.0.11
Apache Tomcat 6.0.12
Apache Tomcat 6.0.13
Apache Tomcat 6.0.14
Apache Tomcat 6.0.15
NA
CVE-2010-4172
Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0.12 up to and including 6.0.29 and 7.0.0 up to and including 7.0.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) orderBy or (2) sort parameter to s...
Apache Tomcat 6.0.12
Apache Tomcat 6.0.13
Apache Tomcat 6.0.14
Apache Tomcat 6.0.15
Apache Tomcat 6.0.16
Apache Tomcat 6.0.17
Apache Tomcat 6.0.18
Apache Tomcat 6.0.19
Apache Tomcat 6.0.20
Apache Tomcat 6.0.24
Apache Tomcat 6.0.26
Apache Tomcat 6.0.27
1 EDB exploit
NA
CVE-2010-4312
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote malicious users to hijack a session via script access to a cookie.
Apache Tomcat 6.0
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.9
Apache Tomcat 6.0.10
NA
CVE-2007-5342
The default catalina.policy in the JULI logging component in Apache Tomcat 5.5.9 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15 does not restrict certain permissions for web applications, which allows malicious users to modify logging configuration options and ov...
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.17
Apache Tomcat 5.5.18
Apache Tomcat 5.5.19
Apache Tomcat 5.5.20
NA
CVE-2007-6286
Apache Tomcat 5.5.11 up to and including 5.5.25 and 6.0.0 up to and including 6.0.15, when the native APR connector is used, does not properly handle an empty request to the SSL port, which allows remote malicious users to trigger handling of "a duplicate copy of one of the ...
Apache Tomcat 5.5.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.17
Apache Tomcat 5.5.18
Apache Tomcat 5.5.19
Apache Tomcat 5.5.20
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
NA
CVE-2008-1947
Cross-site scripting (XSS) vulnerability in Apache Tomcat 5.5.9 up to and including 5.5.26 and 6.0.0 up to and including 6.0.16 allows remote malicious users to inject arbitrary web script or HTML via the name parameter (aka the hostname attribute) to host-manager/html/add.
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.17
Apache Tomcat 5.5.18
Apache Tomcat 5.5.19
Apache Tomcat 5.5.20
NA
CVE-2011-0534
Apache Tomcat 7.0.0 up to and including 7.0.6 and 6.0.0 up to and including 6.0.30 does not enforce the maxHttpHeaderSize limit for requests involving the NIO HTTP connector, which allows remote malicious users to cause a denial of service (OutOfMemoryError) via a crafted request...
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 6.0.0
Apache Tomcat 6.0.1
Apache Tomcat 6.0.2
Apache Tomcat 6.0.3
Apache Tomcat 6.0.4
NA
CVE-2009-2902
Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename.
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2009-2693
Directory traversal vulnerability in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20 allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat ...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
NA
CVE-2009-2901
The autodeployment process in Apache Tomcat 5.5.0 up to and including 5.5.28 and 6.0.0 up to and including 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote malicious users to bypass intended authentication requ...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.1
Apache Tomcat 5.5.2
Apache Tomcat 5.5.3
Apache Tomcat 5.5.4
Apache Tomcat 5.5.5
Apache Tomcat 5.5.6
Apache Tomcat 5.5.7
Apache Tomcat 5.5.8
Apache Tomcat 5.5.9
Apache Tomcat 5.5.10
Apache Tomcat 5.5.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-12326
CVE-2024-44852
XSS
privilege escalation
CSRF
CVE-2024-12115
CVE-2024-38925
CVE-2024-38144
CVE-2024-6387
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »