Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
tomcat vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2005-3510
Apache Tomcat 5.5.0 to 5.5.11 allows remote malicious users to cause a denial of service (CPU consumption) via a large number of simultaneous requests to list a web directory that has a large number of files.
Apache Tomcat 5.5.10
Apache Tomcat 5.5.4
Apache Tomcat 5.5.7
Apache Tomcat 5.5.1
Apache Tomcat 5.5.11
Apache Tomcat 5.5.6
Apache Tomcat 5.5.5
Apache Tomcat 5.5.3
Apache Tomcat 5.5.9
Apache Tomcat 5.5.2
Apache Tomcat 5.5.0
Apache Tomcat 5.5.8
NA
CVE-2011-1475
The HTTP BIO connector in Apache Tomcat 7.0.x prior to 7.0.12 does not properly handle HTTP pipelining, which allows remote malicious users to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to &q...
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.5
Apache Tomcat 7.0.1
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.4
2 Github repositories
NA
CVE-2005-0808
Apache Tomcat prior to 5.x allows remote malicious users to cause a denial of service (application crash) via a crafted AJP12 packet to TCP port 8007.
Apache Tomcat 3.2.1
Apache Tomcat 3.2.2
Apache Tomcat 3.1.1
Apache Tomcat 3.2
Apache Tomcat 3.3.1a
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.3
Apache Tomcat 3.3.1
NA
CVE-2008-0002
Apache Tomcat 6.0.0 up to and including 6.0.15 processes parameters in the context of the wrong request when an exception occurs during parameter processing, which might allow remote malicious users to obtain sensitive information, as demonstrated by disconnecting during this pro...
Apache Tomcat 6.0.10
Apache Tomcat 6.0.11
Apache Tomcat 6.0.7
Apache Tomcat 6.0.8
Apache Tomcat 6.0.12
Apache Tomcat 6.0.13
Apache Tomcat 6.0.9
Apache Tomcat 6.0.5
Apache Tomcat 6.0.6
Apache Tomcat 6.0.14
Apache Tomcat 6.0.15
NA
CVE-2011-1419
Apache Tomcat 7.x prior to 7.0.11, when web.xml has no security constraints, does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application. NOTE: this vulnerability exists because of ...
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.10
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
NA
CVE-2011-2729
native/unix/native/jsvc-unix.c in jsvc in the Daemon component 1.0.3 up to and including 1.0.6 in Apache Commons, as used in Apache Tomcat 5.5.32 up to and including 5.5.33, 6.0.30 up to and including 6.0.32, and 7.0.x prior to 7.0.20 on Linux, does not drop capabilities, which a...
Apache Tomcat 5.5.32
Apache Tomcat 5.5.33
Apache Tomcat 6.0.30
Apache Tomcat 6.0.31
Apache Tomcat 6.0.32
Apache Apache Commons Daemon 1.0.3
Apache Apache Commons Daemon 1.0.4
Apache Apache Commons Daemon 1.0.5
Apache Apache Commons Daemon 1.0.6
Apache Tomcat 7.0.0
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.3
Apache Tomcat 7.0.4
Apache Tomcat 7.0.5
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.8
Apache Tomcat 7.0.9
Apache Tomcat 7.0.10
Apache Tomcat 7.0.11
Apache Tomcat 7.0.12
NA
CVE-2007-1358
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 up to and including 4.0.6 and 4.1.0 up to and including 4.1.34 allows remote malicious users to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not con...
Apache Tomcat 4.0.4
Apache Tomcat 4.0.6
Apache Tomcat 4.0.3
Apache Tomcat 4.0.1
Apache Tomcat 4.1.0
Apache Tomcat 4.0.2
Apache Tomcat 4.0.5
Apache Tomcat 4.0.0
Apache Tomcat
NA
CVE-2002-1394
Apache Tomcat 4.0.5 and previous versions, when using both the invoker servlet and the default servlet, allows remote malicious users to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
Apache Tomcat 4.0.4
Apache Tomcat 4.1.9
Apache Tomcat 4.0.3
Apache Tomcat 4.0.1
Apache Tomcat 4.1.3
Apache Tomcat 4.1.10
Apache Tomcat 4.1.0
Apache Tomcat 4.0.2
Apache Tomcat 4.0.5
Apache Tomcat 4.0.0
NA
CVE-2003-0044
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x up to and including 3.3.1a allow remote malicious users to insert arbitrary web script or HTML.
Apache Tomcat 3.3
Apache Tomcat 3.3.1
Apache Tomcat 3.2.3
Apache Tomcat 3.2.4
Apache Tomcat 3.0
Apache Tomcat 3.1
Apache Tomcat 3.1.1
Apache Tomcat 3.3.1a
Apache Tomcat 3.2
Apache Tomcat 3.2.1
NA
CVE-2011-1088
Apache Tomcat 7.x prior to 7.0.10 does not follow ServletSecurity annotations, which allows remote malicious users to bypass intended access restrictions via HTTP requests to a web application.
Apache Tomcat 7.0.8
Apache Tomcat 7.0.1
Apache Tomcat 7.0.2
Apache Tomcat 7.0.5
Apache Tomcat 7.0.0
Apache Tomcat 7.0.6
Apache Tomcat 7.0.7
Apache Tomcat 7.0.9
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »