Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

tomcat vulnerabilities and exploits

(subscribe to this query)

NA
CVE-2011-5064
DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 uses Catalina as the hard-coded server secret (aka private key), which makes it easier for remote attackers to bypass...
Apache Tomcat 5.5.10Apache Tomcat 5.5.1Apache Tomcat 5.5.6Apache Tomcat 5.5.5Apache Tomcat 5.5.16Apache Tomcat 5.5.13Apache Tomcat 5.5.26Apache Tomcat 5.5.32Apache Tomcat 5.5.28Apache Tomcat 5.5.27Apache Tomcat 5.5.4Apache Tomcat 5.5.29Apache Tomcat 5.5.14Apache Tomcat 5.5.11Apache Tomcat 5.5.12Apache Tomcat 5.5.20Apache Tomcat 5.5.21Apache Tomcat 5.5.0Apache Tomcat 5.5.25Apache Tomcat 5.5.33Apache Tomcat 5.5.7Apache Tomcat 5.5.18Apache Tomcat 5.5.15Apache Tomcat 5.5.22Apache Tomcat 5.5.23Apache Tomcat 5.5.30Apache Tomcat 5.5.9Apache Tomcat 5.5.8Apache Tomcat 5.5.31Apache Tomcat 5.5.17Apache Tomcat 5.5.24Apache Tomcat 5.5.3Apache Tomcat 5.5.19Apache Tomcat 5.5.2Apache Tomcat 6.0.30Apache Tomcat 6.0Apache Tomcat 6.0.28Apache Tomcat 6.0.17Apache Tomcat 6.0.18Apache Tomcat 6.0.14Apache Tomcat 6.0.6Apache Tomcat 6.0.1Apache Tomcat 6.0.0Apache Tomcat 6.0.32Apache Tomcat 6.0.24Apache Tomcat 6.0.19Apache Tomcat 6.0.16Apache Tomcat 6.0.15Apache Tomcat 6.0.9Apache Tomcat 6.0.29Apache Tomcat 6.0.27Apache Tomcat 6.0.3Apache Tomcat 6.0.12Apache Tomcat 6.0.11Apache Tomcat 6.0.26Apache Tomcat 6.0.2Apache Tomcat 6.0.10Apache Tomcat 6.0.20Apache Tomcat 6.0.7Apache Tomcat 6.0.8Apache Tomcat 6.0.5Apache Tomcat 6.0.4Apache Tomcat 6.0.13Apache Tomcat 6.0.31Apache Tomcat 7.0.0Apache Tomcat 7.0.4Apache Tomcat 7.0.6Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.7Apache Tomcat 7.0.9Apache Tomcat 7.0.11Apache Tomcat 7.0.2Apache Tomcat 7.0.8Apache Tomcat 7.0.5Apache Tomcat 7.0.3
NA
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access...
Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 5.5.12Apache Tomcat 5.5.14Apache Tomcat 5.5.10Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.28Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.20Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 5.5.30Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.5.3Apache Tomcat 5.5.32Apache Tomcat 5.5.31Apache Tomcat 5.5.9Apache Tomcat 5.5.25Apache Tomcat 5.5.33Apache Tomcat 5.5.2Apache Tomcat 5.5.0Apache Tomcat 5.5.13Apache Tomcat 5.5.24Apache Tomcat 5.5.8Apache Tomcat 5.5.16Apache Tomcat 5.5.17Apache Tomcat 5.5.29Apache Tomcat 5.5.19Apache Tomcat 5.5.23Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 6.0.7Apache Tomcat 6.0.4Apache Tomcat 6.0.15Apache Tomcat 6.0.20Apache Tomcat 6.0.10Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.9Apache Tomcat 6.0.24Apache Tomcat 6.0.17Apache Tomcat 6.0Apache Tomcat 6.0.32Apache Tomcat 6.0.28Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 6.0.1Apache Tomcat 6.0.12Apache Tomcat 6.0.18Apache Tomcat 6.0.5Apache Tomcat 6.0.30Apache Tomcat 6.0.2Apache Tomcat 6.0.13Apache Tomcat 6.0.26Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.16Apache Tomcat 6.0.8Apache Tomcat 7.0.8Apache Tomcat 7.0.1Apache Tomcat 7.0.2Apache Tomcat 7.0.5Apache Tomcat 7.0.0Apache Tomcat 7.0.6Apache Tomcat 7.0.11Apache Tomcat 7.0.7Apache Tomcat 7.0.10Apache Tomcat 7.0.9Apache Tomcat 7.0.4Apache Tomcat 7.0.3
NA
CVE-2013-0346
** DISPUTED ** Apache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might allow local users to obtain sensitive information by reading a file. NOTE: One Tomcat distributor has stated "The tomcat log directory does not contain any...
Apache Tomcat 7.0.2Apache Tomcat 7.0.49Apache Tomcat 7.0.12Apache Tomcat 7.0.20Apache Tomcat 7.0.34Apache Tomcat 7.0.8Apache Tomcat 7.0.1Apache Tomcat 7.0.5Apache Tomcat 7.0.4Apache Tomcat 7.0.22Apache Tomcat 7.0.39Apache Tomcat 7.0.26Apache Tomcat 7.0.46Apache Tomcat 7.0.28Apache Tomcat 7.0.0Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 7.0.18Apache Tomcat 7.0.14Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.23Apache Tomcat 7.0.44Apache Tomcat 7.0.7Apache Tomcat 7.0.42Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.45Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 7.0.41Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.19Apache Tomcat 7.0.16Apache Tomcat 7.0.10Apache Tomcat 7.0.36Apache Tomcat 7.0.25Apache Tomcat 7.0.35Apache Tomcat 7.0.43Apache Tomcat 7.0.32Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.40Apache Tomcat 7.0.9Apache Tomcat 7.0.3Apache Tomcat 7.0.33
NA
CVE-2014-0099
Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP...
Apache Tomcat 6.0.1Apache Tomcat 6.0.10Apache Tomcat 6.0.17Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.28Apache Tomcat 6.0.35Apache Tomcat 6.0.36Apache TomcatApache Tomcat 6Apache Tomcat 6.0.11Apache Tomcat 6.0.12Apache Tomcat 6.0.2Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.37Apache Tomcat 6.0.4Apache Tomcat 6.0.8Apache Tomcat 6.0.0Apache Tomcat 6.0.15Apache Tomcat 6.0.16Apache Tomcat 6.0.24Apache Tomcat 6.0.26Apache Tomcat 6.0.32Apache Tomcat 6.0.33Apache Tomcat 6.0.6Apache Tomcat 6.0.7Apache Tomcat 6.0Apache Tomcat 6.0.13Apache Tomcat 6.0.14Apache Tomcat 6.0.20Apache Tomcat 6.0.30Apache Tomcat 6.0.31Apache Tomcat 6.0.5Apache Tomcat 6.0.9Apache Tomcat 8.0.0Apache Tomcat 8.0.3Apache Tomcat 8.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.19Apache Tomcat 7.0.2Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.32Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.4Apache Tomcat 7.0.52Apache Tomcat 7.0.0Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.29Apache Tomcat 7.0.3Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.50Apache Tomcat 7.0.6Apache Tomcat 7.0.40Apache Tomcat 7.0.47Apache Tomcat 7.0.48Apache Tomcat 7.0.9Apache Tomcat 7.0.1Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.30Apache Tomcat 7.0.31Apache Tomcat 7.0.39Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.7Apache Tomcat 7.0.8Apache Tomcat 7.0.12Apache Tomcat 7.0.13Apache Tomcat 7.0.14Apache Tomcat 7.0.20Apache Tomcat 7.0.27Apache Tomcat 7.0.28Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.49Apache Tomcat 7.0.5
NA
CVE-2011-4858
Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many...
Apache Tomcat 6.0.33Apache Tomcat 6.0.34Apache Tomcat 6.0.26Apache Tomcat 6.0.25Apache Tomcat 6.0.30Apache Tomcat 6.0.29Apache Tomcat 6.0.21Apache Tomcat 6.0.20Apache Tomcat 6.0.13Apache Tomcat 6.0.12Apache Tomcat 6.0.5Apache Tomcat 6.0.4Apache Tomcat 7.0.19Apache Tomcat 7.0.18Apache Tomcat 7.0.11Apache Tomcat 7.0.10Apache Tomcat 7.0.3Apache Tomcat 7.0.2Apache Tomcat 5.5.35Apache Tomcat 6.0.28Apache Tomcat 6.0.27Apache Tomcat 6.0.19Apache Tomcat 6.0.18Apache Tomcat 6.0.11Apache Tomcat 6.0.10Apache Tomcat 6.0.3Apache Tomcat 6.0.2Apache Tomcat 7.0.17Apache Tomcat 7.0.16Apache Tomcat 7.0.9Apache Tomcat 7.0.8Apache Tomcat 7.0.1Apache Tomcat 7.0.0Apache Tomcat 6.0.17Apache Tomcat 6.0.16Apache Tomcat 6.0.9Apache Tomcat 6.0.8Apache Tomcat 6.0.1Apache Tomcat 6.0.0Apache Tomcat 7.0.15Apache Tomcat 7.0.14Apache Tomcat 7.0.7Apache Tomcat 7.0.6Apache Tomcat 6.0.32Apache Tomcat 6.0.31Apache Tomcat 6.0.24Apache Tomcat 6.0.23Apache Tomcat 6.0.22Apache Tomcat 6.0.15Apache Tomcat 6.0.14Apache Tomcat 6.0.7Apache Tomcat 6.0.6Apache Tomcat 7.0.22Apache Tomcat 7.0.21Apache Tomcat 7.0.20Apache Tomcat 7.0.13Apache Tomcat 7.0.12Apache Tomcat 7.0.5Apache Tomcat 7.0.4
NA
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges....
Apache Tomcat 6.0.13Apache Tomcat 6.0.12Apache Tomcat 6.0.4Apache Tomcat 6.0.3Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.24Apache Tomcat 5.5.25Apache Tomcat 5.5.3Apache Tomcat 5.5.4Apache Tomcat 5.5.28Apache Tomcat 3.3Apache Tomcat 6.0.15Apache Tomcat 6.0.16Apache Tomcat 6.0.8Apache Tomcat 6.0.7Apache Tomcat 6.0.17Apache Tomcat 5.5.17Apache Tomcat 5.5.0Apache Tomcat 5.5.10Apache Tomcat 5.5.20Apache Tomcat 5.5.21Apache Tomcat 5.5.7Apache Tomcat 5.5.8Apache Tomcat 3.2Apache Tomcat 3.1.1Apache Tomcat 3.3.1Apache Tomcat 4.0.3Apache Tomcat 4.0.5Apache Tomcat 4.1.1Apache Tomcat 4.1.13Apache Tomcat 4.1.15Apache Tomcat 4.1.22Apache Tomcat 4.1.28Apache Tomcat 4.1.3Apache Tomcat 4.1.33Apache Tomcat 4.1.5Apache Tomcat 4.1.6Apache Tomcat 4.1.4Apache Tomcat 5.0.13Apache Tomcat 5.0.14Apache Tomcat 5.0.12Apache Tomcat 5.0.17Apache Tomcat 5.0.24Apache Tomcat 5.0.18Apache Tomcat 5.0.19Apache Tomcat 5.0.9Apache Tomcat 5.0.6Apache Tomcat 3.2.3Apache Tomcat 3.2.2Apache Tomcat 4.0.0Apache Tomcat 4.0.6Apache Tomcat 4.1.11Apache Tomcat 4.1.17Apache Tomcat 4.1.26Apache Tomcat 4.1.25Apache Tomcat 4.1.21Apache Tomcat 4.1.20Apache Tomcat 4.1.32Apache Tomcat 4.1.36Apache Tomcat 4.1.7Apache Tomcat 4.1.8Apache Tomcat 5.0.1Apache Tomcat 5.0.0Apache Tomcat 5.0.27Apache Tomcat 5.0.21Apache Tomcat 5.0.29Apache Tomcat 5.0.4Apache Tomcat 5.0.7Apache Tomcat 6.0.20Apache Tomcat 6.0.1Apache Tomcat 6.0.0Apache Tomcat 6.0.11Apache Tomcat 6.0.10Apache Tomcat 6.0.9Apache Tomcat 6.0.2Apache Tomcat 6.0.18Apache Tomcat 5.5.11Apache Tomcat 5.5.12Apache Tomcat 5.5.22Apache Tomcat 5.5.23Apache Tomcat 5.5.26Apache Tomcat 5.5.5Apache Tomcat 5.5.6Apache Tomcat 3.0Apache Tomcat 3.2.1Apache Tomcat 3.3.2Apache Tomcat 3.3.1aApache Tomcat 4.1.0Apache Tomcat 4.0.4Apache Tomcat 4.1.16Apache Tomcat 4.1.14Apache Tomcat 4.1.23Apache Tomcat 4.1.24Apache Tomcat 4.1.34Apache Tomcat 4.1.37Apache Tomcat 4.1.35Apache Tomcat 4.1.38Apache Tomcat 4.1.39Apache Tomcat 5.0.10Apache Tomcat 5.0.11Apache Tomcat 5.0.22Apache Tomcat 5.0.23Apache Tomcat 5.0.30Apache Tomcat 5.0.28Apache Tomcat 6.0Apache Tomcat 6.0.14Apache Tomcat 6.0.6Apache Tomcat 6.0.5Apache Tomcat 5.5.15Apache Tomcat 5.5.16Apache Tomcat 5.5.1Apache Tomcat 5.5.18Apache Tomcat 5.5.19Apache Tomcat 5.5.2Apache Tomcat 5.5.9Apache Tomcat 5.5.27Apache Tomcat 3.1Apache Tomcat 3.2.4Apache Tomcat 4.0.2Apache Tomcat 4.0.1Apache Tomcat 4.1.10Apache Tomcat 4.1.12Apache Tomcat 4.1.2Apache Tomcat 4.1.19Apache Tomcat 4.1.18Apache Tomcat 4.1.29Apache Tomcat 4.1.27Apache Tomcat 4.1.30Apache Tomcat 4.1.31Apache Tomcat 4.1.9Apache Tomcat 5.0.15Apache Tomcat 5.0.16Apache Tomcat 5.0.26Apache Tomcat 5.0.25Apache Tomcat 5.0.2Apache Tomcat 5.0.3Apache Tomcat 5.0.5Apache Tomcat 5.0.8
NA
CVE-2014-0075
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed...
Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.4Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 7.0.8Apache Tomcat 7.0.9Apache Tomcat 7.0.52Apache Tomcat 7.0.13Apache Tomcat 7.0.14Apache Tomcat 7.0.2Apache Tomcat 7.0.20Apache Tomcat 7.0.28Apache Tomcat 7.0.29Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.5Apache Tomcat 7.0.50Apache Tomcat 7.0.11Apache Tomcat 7.0.12Apache Tomcat 7.0.19Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.27Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.40Apache Tomcat 7.0.48Apache Tomcat 7.0.49Apache Tomcat 7.0.0Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.3Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.6Apache Tomcat 7.0.7Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 8.0.3Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.28Apache Tomcat 6.0.36Apache Tomcat 6.0.37Apache Tomcat 6.0.7Apache Tomcat 6.0Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 6.0.15Apache Tomcat 6.0.2Apache Tomcat 6.0.20Apache Tomcat 6.0.30Apache Tomcat 6.0.31Apache Tomcat 6.0.32Apache Tomcat 6.0.5Apache Tomcat 6.0.6Apache Tomcat 6.0.9Apache TomcatApache Tomcat 6Apache Tomcat 6.0.12Apache Tomcat 6.0.13Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.4Apache Tomcat 6.0.8Apache Tomcat 6.0.1Apache Tomcat 6.0.16Apache Tomcat 6.0.17Apache Tomcat 6.0.24Apache Tomcat 6.0.26Apache Tomcat 6.0.33Apache Tomcat 6.0.35
NA
CVE-2013-6357
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as...
Apache TomcatApache Tomcat 5.5.23Apache Tomcat 5.5.19Apache Tomcat 5.5.17Apache Tomcat 5.5.10Apache Tomcat 5.5.0Apache Tomcat 5.0.30Apache Tomcat 5.0.29Apache Tomcat 5.0.24Apache Tomcat 5.0.22Apache Tomcat 5.0.15Apache Tomcat 5.0.13Apache Tomcat 4.1.9Apache Tomcat 4.1.31Apache Tomcat 4.1.24Apache Tomcat 4.1.15Apache Tomcat 4.0.4Apache Tomcat 4.0.2Apache Tomcat 3.3Apache Tomcat 3.2.3Apache Tomcat 3.1.1Apache Tomcat 3.0Apache Tomcat 5.5.3Apache Tomcat 5.5.8Apache Tomcat 5.5.22Apache Tomcat 5.5.21Apache Tomcat 5.5.20Apache Tomcat 5.5.2Apache Tomcat 5.0.8Apache Tomcat 5.0.7Apache Tomcat 5.0.6Apache Tomcat 5.0.5Apache Tomcat 5.0.2Apache Tomcat 5.0.19Apache Tomcat 5.0.18Apache Tomcat 5.0.17Apache Tomcat 5.0.16Apache Tomcat 4.1.3Apache Tomcat 4.1.29Apache Tomcat 4.1.28Apache Tomcat 4.0.0Apache Tomcat 4Apache Tomcat 3.3.2Apache Tomcat 3.3.1aApache Tomcat 5.5.4Apache Tomcat 5.5.5Apache Tomcat 5.5.6Apache Tomcat 5.5.7Apache Tomcat 5.5.15Apache Tomcat 5.5.14Apache Tomcat 5.5.13Apache Tomcat 5.5.12Apache Tomcat 5.5.11Apache Tomcat 5.0.28Apache Tomcat 5.0.27Apache Tomcat 5.0.26Apache Tomcat 5.0.25Apache Tomcat 5.0.11Apache Tomcat 5.0.10Apache Tomcat 5.0.1Apache Tomcat 5.0.0Apache Tomcat 4.1.10Apache Tomcat 4.1.1Apache Tomcat 4.1.0Apache Tomcat 4.0.6Apache Tomcat 4.0.5Apache Tomcat 3.2.2Apache Tomcat 3.2.1Apache Tomcat 3.2Apache Tomcat 5.5.24Apache Tomcat 5.5.18Apache Tomcat 5.5.16Apache Tomcat 5.5.1Apache Tomcat 5.0.9Apache Tomcat 5.0.4Apache Tomcat 5.0.3Apache Tomcat 5.0.23Apache Tomcat 5.0.21Apache Tomcat 5.0.14Apache Tomcat 5.0.12Apache Tomcat 5Apache Tomcat 4.1.36Apache Tomcat 4.1.2Apache Tomcat 4.1.12Apache Tomcat 4.0.3Apache Tomcat 4.0.1Apache Tomcat 3.3.1Apache Tomcat 3.2.4Apache Tomcat 3.1Apache Tomcat 1.1.3Apache Tomcat 5.5.9
NA
CVE-2008-3271
Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite...
Apache Tomcat 4.1.2Apache Tomcat 4.1.21Apache Tomcat 4.1.24Apache Tomcat 4.1.25Apache Tomcat 4.1.4Apache Tomcat 4.1.27Apache Tomcat 4.1.30Apache Tomcat 4.1.7Apache Tomcat 4.1.11Apache Tomcat 4.1.18Apache Tomcat 4.1.14Apache Tomcat 4.1.19Apache Tomcat 4.1.31Apache Tomcat 4.1.16Apache Tomcat 4.1.29Apache Tomcat 4.1.22Apache Tomcat 4.1.5Apache Tomcat 4.1.26Apache Tomcat 4.1.13Apache Tomcat 4.1.8Apache Tomcat 4.1.17Apache Tomcat 5.5.0Apache Tomcat 4.1.1Apache Tomcat 4.1.12Apache Tomcat 4.1.28Apache Tomcat 4.1.15Apache Tomcat 4.1.3Apache Tomcat 4.1.10Apache Tomcat 4.1.0Apache Tomcat 4.1.20Apache Tomcat 4.1.23Apache Tomcat 4.1.6Apache Tomcat 4.1.9
NA
CVE-2014-0230
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a...
Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.28Apache Tomcat 6.0.29Apache Tomcat 6.0.36Apache Tomcat 6.0.37Apache Tomcat 6.0.6Apache Tomcat 7.0.0Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.3Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.43Apache Tomcat 7.0.44Apache Tomcat 7.0.52Apache Tomcat 7.0.53Apache Tomcat 8.0.0Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 6.0.15Apache Tomcat 6.0.2Apache Tomcat 6.0.20Apache Tomcat 6.0.31Apache Tomcat 6.0.32Apache Tomcat 6.0.4Apache Tomcat 6.0.41Apache Tomcat 6.0.7Apache Tomcat 6.0.8Apache Tomcat 7.0.11Apache Tomcat 7.0.12Apache Tomcat 7.0.19Apache Tomcat 7.0.2Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.27Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.4Apache Tomcat 7.0.40Apache Tomcat 7.0.48Apache Tomcat 7.0.49Apache Tomcat 7.0.7Apache Tomcat 7.0.8Apache Tomcat 8.0.3Apache Tomcat 8.0.5Apache Tomcat 6.0.12Apache Tomcat 6.0.13Apache Tomcat 6.0.3Apache Tomcat 6.0.30Apache Tomcat 6.0.39Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 7.0.54Apache Tomcat 7.0.6Apache Tomcat 8.0.1Apache Tomcat 6.0.1Apache Tomcat 6.0.16Apache Tomcat 6.0.17Apache Tomcat 6.0.24Apache Tomcat 6.0.26Apache Tomcat 6.0.27Apache Tomcat 6.0.33Apache Tomcat 6.0.35Apache Tomcat 6.0.43Apache Tomcat 6.0.5Apache Tomcat 6.0.9Apache Tomcat 7.0.13Apache Tomcat 7.0.14Apache Tomcat 7.0.20Apache Tomcat 7.0.28Apache Tomcat 7.0.29Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.41Apache Tomcat 7.0.42Apache Tomcat 7.0.5Apache Tomcat 7.0.50Apache Tomcat 7.0.9Apache Tomcat 8.0.8Oracle Virtualization 4.71Oracle Virtualization 4.63Oracle Virtualization 5.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2023-21068CVE-2023-21077unspecifiedCVE-2023-21070CVE-2023-21016file upload
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook