Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache tomcat 5.5.17 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3835
Apache Tomcat 5 prior to 5.5.17 allows remote malicious users to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
Apache Tomcat 5.5.12
Apache Tomcat 5.5.7
Apache Tomcat 5.5.9
Apache Tomcat 5.0.28
Apache Tomcat 5.5.16
1 EDB exploit
NA
CVE-2013-6357
Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demons...
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5
Apache Tomcat
Apache Tomcat 5.0.19
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.0.7
1 EDB exploit
NA
CVE-2012-0022
Apache Tomcat 5.5.x prior to 5.5.35, 6.x prior to 6.0.34, and 7.x prior to 7.0.23 uses an inefficient approach for handling parameters, which allows remote malicious users to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter val...
Apache Tomcat 5.5.27
Apache Tomcat 5.5.18
Apache Tomcat 5.5.12
Apache Tomcat 5.5.14
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.28
Apache Tomcat 5.5.6
Apache Tomcat 5.5.26
Apache Tomcat 5.5.20
Apache Tomcat 5.5.15
Apache Tomcat 5.5.5
Apache Tomcat 5.5.30
Apache Tomcat 5.5.21
Apache Tomcat 5.5.22
Apache Tomcat 5.5.3
Apache Tomcat 5.5.32
Apache Tomcat 5.5.31
Apache Tomcat 5.5.9
NA
CVE-2012-5886
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 caches information about the authenticated user within the session state, which makes it easier for remote malicious users to bypass authentic...
Apache Tomcat 5.5.30
Apache Tomcat 5.5.0
Apache Tomcat 5.5.8
Apache Tomcat 5.5.33
Apache Tomcat 5.5.31
Apache Tomcat 5.5.17
Apache Tomcat 5.5.24
Apache Tomcat 5.5.3
Apache Tomcat 5.5.19
Apache Tomcat 5.5.2
Apache Tomcat 5.5.27
Apache Tomcat 5.5.9
Apache Tomcat 5.5.4
Apache Tomcat 5.5.29
Apache Tomcat 5.5.14
Apache Tomcat 5.5.11
Apache Tomcat 5.5.12
Apache Tomcat 5.5.20
Apache Tomcat 5.5.21
Apache Tomcat 5.5.25
Apache Tomcat 5.5.10
Apache Tomcat 5.5.7
NA
CVE-2012-5887
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote malicio...
Apache Tomcat 5.5.1
Apache Tomcat 5.5.28
Apache Tomcat 5.5.27
Apache Tomcat 5.5.5
Apache Tomcat 5.5.4
Apache Tomcat 5.5.13
Apache Tomcat 5.5.14
Apache Tomcat 5.5.25
Apache Tomcat 5.5.10
Apache Tomcat 5.5.34
Apache Tomcat 5.5.6
Apache Tomcat 5.5.15
Apache Tomcat 5.5.16
Apache Tomcat 5.5.22
Apache Tomcat 5.5.23
Apache Tomcat 5.5.26
Apache Tomcat 5.5.32
Apache Tomcat 5.5.20
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.29
Apache Tomcat 5.5.31
NA
CVE-2012-5885
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x prior to 5.5.36, 6.x prior to 6.0.36, and 7.x prior to 7.0.30 tracks cnonce (aka client nonce) values instead of nonce (aka server nonce) and nc (aka nonce-count...
Apache Tomcat 5.5.0
Apache Tomcat 5.5.25
Apache Tomcat 5.5.33
Apache Tomcat 5.5.7
Apache Tomcat 5.5.18
Apache Tomcat 5.5.15
Apache Tomcat 5.5.3
Apache Tomcat 5.5.22
Apache Tomcat 5.5.2
Apache Tomcat 5.5.35
Apache Tomcat 5.5.30
Apache Tomcat 5.5.9
Apache Tomcat 5.5.8
Apache Tomcat 5.5.29
Apache Tomcat 5.5.31
Apache Tomcat 5.5.17
Apache Tomcat 5.5.12
Apache Tomcat 5.5.24
Apache Tomcat 5.5.21
Apache Tomcat 5.5.19
Apache Tomcat 5.5.10
Apache Tomcat 5.5.1
NA
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 up to and including 6.0.20, 5.5.0 up to and including 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote malicious users to gain privileges.
Apache Tomcat 5.5.27
Apache Tomcat 3.1
Apache Tomcat 4.1.2
Apache Tomcat 4.0.4
Apache Tomcat 4.1.35
Apache Tomcat 4.1.36
Apache Tomcat 3.2.1
Apache Tomcat 4.1.9
Apache Tomcat 5.5.18
Apache Tomcat 5.0.8
Apache Tomcat 5.0.19
Apache Tomcat 4.1.21
Apache Tomcat 6.0.6
Apache Tomcat 6.0.11
Apache Tomcat 5.5.12
Apache Tomcat 5.0.14
Apache Tomcat 5.5.14
Apache Tomcat 4.1.24
Apache Tomcat 3.2.2
Apache Tomcat 5.5.10
Apache Tomcat 5.0.22
Apache Tomcat 5.5.4
2 EDB exploits
NA
CVE-2008-5519
The JK Connector (aka mod_jk) 1.2.0 up to and including 1.2.26 in Apache Tomcat allows remote malicious users to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client that included...
Apache Mod Jk 1.2.11
Apache Mod Jk 1.2.25
Apache Mod Jk 1.2.9
Apache Mod Jk 1.2.19
Apache Mod Jk 1.2.23
Apache Mod Jk 1.2.16
Apache Mod Jk 1.2.6
Apache Mod Jk 1.2.17
Apache Mod Jk 1.2.24
Apache Mod Jk 1.2.22
Apache Mod Jk 1.2
Apache Mod Jk 1.2.13
Apache Mod Jk 1.2.8
Apache Mod Jk 1.2.10
Apache Mod Jk 1.2.7
Apache Mod Jk 1.2.20
Apache Mod Jk 1.2.21
Apache Mod Jk 1.2.1
Apache Mod Jk 1.2.15
Apache Mod Jk 1.2.12
Apache Mod Jk 1.2.14.1
Apache Mod Jk 1.2.14
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4