apache vulnerabilities and exploits

(subscribe to this query)

Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, 6.0.0 up to and including 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote maliciou...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11 Apache Tomcat 4.1.12 Apache Tomcat 4.1.13 Apache Tomcat 4.1.14 Apache Tomcat 4.1.15 Apache Tomcat 4.1.16 Apache Tomcat 4.1.17

Multiple memory leaks in rev_hunt.c in Apache Subversion prior to 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.

Apache Subversion Apache Subversion 0.6 Apache Subversion 0.7 Apache Subversion 0.8 Apache Subversion 0.9 Apache Subversion 0.10.0 Apache Subversion 0.10.1 Apache Subversion 0.10.2 Apache Subversion 0.11.1 Apache Subversion 0.12.0 Apache Subversion 0.13.0 Apache Subversion 0.13.1

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion prior to 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking ...

Apache Subversion Apache Subversion 0.6 Apache Subversion 0.7 Apache Subversion 0.8 Apache Subversion 0.9 Apache Subversion 0.10.0 Apache Subversion 0.10.1 Apache Subversion 0.10.2 Apache Subversion 0.11.1 Apache Subversion 0.12.0 Apache Subversion 0.13.0 Apache Subversion 0.13.1

Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, and 6.0.0 up to and including 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote malicious users to cause a denial of service (application outage) via a crafted re...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

Apache Tomcat 4.1.0 up to and including 4.1.39, 5.5.0 up to and including 5.5.27, and 6.0.0 up to and including 6.0.18, when FORM authentication is used, allows remote malicious users to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of pa...

Apache Tomcat 4.1.0 Apache Tomcat 4.1.1 Apache Tomcat 4.1.2 Apache Tomcat 4.1.3 Apache Tomcat 4.1.4 Apache Tomcat 4.1.5 Apache Tomcat 4.1.6 Apache Tomcat 4.1.7 Apache Tomcat 4.1.8 Apache Tomcat 4.1.9 Apache Tomcat 4.1.10 Apache Tomcat 4.1.11

1 EDB exploit

The TextParseUtil.translateVariables method in Apache Struts 2.x prior to 2.3.20 allows remote malicious users to execute arbitrary code via a crafted OGNL expression with ANTLR tooling.

Apache Struts 2.0.1 Apache Struts 2.0.2 Apache Struts 2.0.3 Apache Struts 2.0.4 Apache Struts 2.0.5 Apache Struts 2.0.6 Apache Struts 2.0.7 Apache Struts 2.0.8 Apache Struts 2.0.9 Apache Struts 2.0.10 Apache Struts 2.0.11 Apache Struts 2.0.11.1

org/apache/catalina/filters/CsrfPreventionFilter.java in Apache Tomcat 6.x prior to 6.0.36 and 7.x prior to 7.0.32 allows remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism via a request that lacks a session identifier.

Apache Tomcat 6.0 Apache Tomcat 6.0.0 Apache Tomcat 6.0.1 Apache Tomcat 6.0.2 Apache Tomcat 6.0.3 Apache Tomcat 6.0.4 Apache Tomcat 6.0.5 Apache Tomcat 6.0.6 Apache Tomcat 6.0.7 Apache Tomcat 6.0.8 Apache Tomcat 6.0.9 Apache Tomcat 6.0.10

Apache Tomcat prior to 5.5.35, 6.x prior to 6.0.35, and 7.x prior to 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote malicious users to cause a denial of service (CPU consumption) by sendi...

Apache Tomcat 5.5.35 Apache Tomcat 6.0.0 Apache Tomcat 6.0.1 Apache Tomcat 6.0.2 Apache Tomcat 6.0.3 Apache Tomcat 6.0.4 Apache Tomcat 6.0.5 Apache Tomcat 6.0.6 Apache Tomcat 6.0.7 Apache Tomcat 6.0.8 Apache Tomcat 6.0.9 Apache Tomcat 6.0.10

1 EDB exploit

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Apache Struts 2.3.1 Apache Struts 2.3.1.1 Apache Struts 2.3.1.2 Apache Struts 2.3.3 Apache Struts 2.3.4 Apache Struts 2.3.4.1 Apache Struts 2.3.7 Apache Struts 2.3.8 Apache Struts 2.3.12 Apache Struts 2.3.14 Apache Struts 2.3.14.1 Apache Struts 2.3.14.2

2 EDB exploits7 Github repositories1 Article

Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack prior to 4.1.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Physical network name to the Zone wizard; (2) New network name, (3) instance name, or (4) group to the Instance ...

Apache Cloudstack Apache Cloudstack 2.0 Apache Cloudstack 2.0.1 Apache Cloudstack 2.1.0 Apache Cloudstack 2.1.1 Apache Cloudstack 2.1.2 Apache Cloudstack 2.1.3 Apache Cloudstack 2.1.4 Apache Cloudstack 2.1.5 Apache Cloudstack 2.1.6 Apache Cloudstack 2.1.7 Apache Cloudstack 2.1.8

« PREV 1 2 3 4 5 6 7 8 9 10 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook