Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

tomcat vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2011-1184
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not have the expected countermeasures against replay attacks, which makes it easier for remote attackers to bypass intended access...
Apache Tomcat 5.5.1Apache Tomcat 5.5.28Apache Tomcat 5.5.5Apache Tomcat 5.5.4Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.32Apache Tomcat 5.5.20Apache Tomcat 5.5.30Apache Tomcat 5.5.8Apache Tomcat 5.5.33Apache Tomcat 5.5.17Apache Tomcat 5.5.27Apache Tomcat 5.5.18Apache Tomcat 5.5.12Apache Tomcat 5.5.10Apache Tomcat 5.5.7Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.5.26Apache Tomcat 5.5.15Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.5.3Apache Tomcat 5.5.31Apache Tomcat 5.5.9Apache Tomcat 5.5.25Apache Tomcat 5.5.2Apache Tomcat 5.5.0Apache Tomcat 5.5.24Apache Tomcat 5.5.16Apache Tomcat 5.5.29Apache Tomcat 5.5.19Apache Tomcat 5.5.23Apache Tomcat 6.0Apache Tomcat 6.0.14Apache Tomcat 6.0.17Apache Tomcat 6.0.18Apache Tomcat 6.0.2Apache Tomcat 6.0.32Apache Tomcat 6.0.20Apache Tomcat 6.0.19Apache Tomcat 6.0.8Apache Tomcat 6.0.9Apache Tomcat 6.0.4Apache Tomcat 6.0.27Apache Tomcat 6.0.6Apache Tomcat 6.0.11Apache Tomcat 6.0.7Apache Tomcat 6.0.15Apache Tomcat 6.0.10Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.24Apache Tomcat 6.0.28Apache Tomcat 6.0.0Apache Tomcat 6.0.1Apache Tomcat 6.0.12Apache Tomcat 6.0.5Apache Tomcat 6.0.30Apache Tomcat 6.0.13Apache Tomcat 6.0.26Apache Tomcat 6.0.16Apache Tomcat 7.0.11Apache Tomcat 7.0.2Apache Tomcat 7.0.5Apache Tomcat 7.0.6Apache Tomcat 7.0.3Apache Tomcat 7.0.7Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.9Apache Tomcat 7.0.8Apache Tomcat 7.0.0Apache Tomcat 7.0.4
7.5
CVSSv2
CVE-2009-3548
The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges....
Apache Tomcat 6.0.13Apache Tomcat 6.0.12Apache Tomcat 6.0.4Apache Tomcat 6.0.3Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.24Apache Tomcat 5.5.25Apache Tomcat 5.5.3Apache Tomcat 5.5.4Apache Tomcat 5.5.28Apache Tomcat 3.3Apache Tomcat 5.5.10Apache Tomcat 5.5.7Apache Tomcat 6.0.7Apache Tomcat 5.5.20Apache Tomcat 6.0.15Apache Tomcat 5.5.21Apache Tomcat 6.0.17Apache Tomcat 4.1.22Apache Tomcat 4.1.13Apache Tomcat 4.0.3Apache Tomcat 4.1.33Apache Tomcat 5.5.0Apache Tomcat 4.1.1Apache Tomcat 4.1.28Apache Tomcat 4.1.15Apache Tomcat 4.1.3Apache Tomcat 5.5.8Apache Tomcat 3.1.1Apache Tomcat 5.5.17Apache Tomcat 4.0.5Apache Tomcat 3.2Apache Tomcat 3.3.1Apache Tomcat 6.0.16Apache Tomcat 6.0.8Apache Tomcat 4.1.36Apache Tomcat 5.0.19Apache Tomcat 4.1.21Apache Tomcat 6.0.11Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 3.2.2Apache Tomcat 5.0.7Apache Tomcat 5.5.11Apache Tomcat 4.1.25Apache Tomcat 5.5.26Apache Tomcat 5.0.9Apache Tomcat 4.1.4Apache Tomcat 5.5.5Apache Tomcat 4.1.7Apache Tomcat 4.1.11Apache Tomcat 5.0.21Apache Tomcat 5.5.22Apache Tomcat 6.0.20Apache Tomcat 6.0.10Apache Tomcat 5.0.0Apache Tomcat 5.0.6Apache Tomcat 6.0.9Apache Tomcat 5.0.27Apache Tomcat 4.0.6Apache Tomcat 4.1.5Apache Tomcat 4.1.26Apache Tomcat 4.1.8Apache Tomcat 5.0.18Apache Tomcat 6.0.0Apache Tomcat 4.1.17Apache Tomcat 5.0.29Apache Tomcat 6.0.1Apache Tomcat 5.0.13Apache Tomcat 6.0.18Apache Tomcat 5.0.17Apache Tomcat 4.1.20Apache Tomcat 4.0.0Apache Tomcat 5.0.4Apache Tomcat 4.1.32Apache Tomcat 3.2.3Apache Tomcat 6.0.2Apache Tomcat 5.0.1Apache Tomcat 5.5.23Apache Tomcat 4.1.6Apache Tomcat 5.0.24Apache Tomcat 5.0.12Apache Tomcat 5.5.27Apache Tomcat 3.1Apache Tomcat 4.1.2Apache Tomcat 4.0.4Apache Tomcat 4.1.35Apache Tomcat 3.2.1Apache Tomcat 4.1.9Apache Tomcat 5.5.18Apache Tomcat 5.0.8Apache Tomcat 6.0.6Apache Tomcat 4.1.24Apache Tomcat 5.0.22Apache Tomcat 5.5.1Apache Tomcat 5.5.6Apache Tomcat 4.1.39Apache Tomcat 5.0.15Apache Tomcat 3.3.2Apache Tomcat 5.0.30Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 3.2.4Apache Tomcat 5.0.2Apache Tomcat 5.0.10Apache Tomcat 4.1.27Apache Tomcat 4.1.30Apache Tomcat 4.1.38Apache Tomcat 3.0Apache Tomcat 5.0.26Apache Tomcat 4.1.18Apache Tomcat 4.1.14Apache Tomcat 4.1.19Apache Tomcat 4.1.31Apache Tomcat 4.1.16Apache Tomcat 4.1.29Apache Tomcat 5.0.16Apache Tomcat 6.0Apache Tomcat 5.5.9Apache Tomcat 4.0.1Apache Tomcat 3.3.1aApache Tomcat 6.0.14Apache Tomcat 5.5.2Apache Tomcat 5.0.5Apache Tomcat 5.0.28Apache Tomcat 4.1.12Apache Tomcat 4.1.10Apache Tomcat 5.5.16Apache Tomcat 4.1.0Apache Tomcat 6.0.5Apache Tomcat 4.0.2Apache Tomcat 5.5.19Apache Tomcat 4.1.23Apache Tomcat 4.1.34Apache Tomcat 4.1.37Apache Tomcat 5.0.25Apache Tomcat 5.0.11Apache Tomcat 5.0.3
6.8
CVSSv2
CVE-2013-6357
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as...
Apache TomcatApache Tomcat 5.5.23Apache Tomcat 5.5.19Apache Tomcat 5.5.17Apache Tomcat 5.5.10Apache Tomcat 5.5.0Apache Tomcat 5.0.30Apache Tomcat 5.0.29Apache Tomcat 5.0.24Apache Tomcat 5.0.22Apache Tomcat 5.0.15Apache Tomcat 5.0.13Apache Tomcat 4.0.4Apache Tomcat 4.1.9Apache Tomcat 5.0.8Apache Tomcat 5.0.19Apache Tomcat 4.1.24Apache Tomcat 5.0.7Apache Tomcat 5.5.20Apache Tomcat 5.0.2Apache Tomcat 3.0Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.0.6Apache Tomcat 4.1.31Apache Tomcat 5.5.3Apache Tomcat 5.0.18Apache Tomcat 5.5.2Apache Tomcat 5.0.5Apache Tomcat 4.1.15Apache Tomcat 5.5.8Apache Tomcat 5.0.17Apache Tomcat 3.1.1Apache Tomcat 4.0.2Apache Tomcat 3.2.3Apache Tomcat 3.3Apache Tomcat 4.1.36Apache Tomcat 3.2.1Apache Tomcat 5.5.18Apache Tomcat 5Apache Tomcat 5.5.12Apache Tomcat 5.0.14Apache Tomcat 5.5.14Apache Tomcat 3.2.2Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.1Apache Tomcat 5.5.11Apache Tomcat 5.5.6Apache Tomcat 5.0.9Apache Tomcat 3.3.2Apache Tomcat 5.5.15Apache Tomcat 5.0.23Apache Tomcat 5.5.5Apache Tomcat 5.0.10Apache Tomcat 5.0.21Apache Tomcat 5.0.26Apache Tomcat 5.0.0Apache Tomcat 5.0.27Apache Tomcat 4.1.29Apache Tomcat 5.0.16Apache Tomcat 4.0.6Apache Tomcat 3.3.1aApache Tomcat 5.0.28Apache Tomcat 4.1.1Apache Tomcat 5.5.13Apache Tomcat 5.5.24Apache Tomcat 4.1.28Apache Tomcat 4.1.3Apache Tomcat 4.1.10Apache Tomcat 5.5.16Apache Tomcat 4.1.0Apache Tomcat 4.0.5Apache Tomcat 4.0.0Apache Tomcat 4Apache Tomcat 5.0.4Apache Tomcat 5.0.25Apache Tomcat 5.0.1Apache Tomcat 3.2Apache Tomcat 5.0.11Apache Tomcat 5.0.3Apache Tomcat 5.0.12Apache Tomcat 3.1Apache Tomcat 4.1.2Apache Tomcat 1.1.3Apache Tomcat 3.2.4Apache Tomcat 5.5.9Apache Tomcat 4.0.3Apache Tomcat 4.0.1Apache Tomcat 4.1.12Apache Tomcat 3.3.1
5
CVSSv2
CVE-2014-0075
Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows remote attackers to cause a denial of service (resource consumption) via a malformed...
Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.4Apache Tomcat 7.0.45Apache Tomcat 7.0.46Apache Tomcat 7.0.2Apache Tomcat 7.0.12Apache Tomcat 7.0.20Apache Tomcat 7.0.8Apache Tomcat 7.0.5Apache Tomcat 7.0.26Apache Tomcat 7.0.28Apache Tomcat 7.0.50Apache Tomcat 7.0.14Apache Tomcat 7.0.11Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 7.0.29Apache Tomcat 7.0.13Apache Tomcat 7.0.47Apache Tomcat 7.0.41Apache Tomcat 7.0.19Apache Tomcat 7.0.36Apache Tomcat 7.0.25Apache Tomcat 7.0.35Apache Tomcat 7.0.27Apache Tomcat 7.0.9Apache Tomcat 7.0.33Apache Tomcat 7.0.49Apache Tomcat 7.0.34Apache Tomcat 7.0.22Apache Tomcat 7.0.0Apache Tomcat 7.0.6Apache Tomcat 7.0.48Apache Tomcat 7.0.44Apache Tomcat 7.0.7Apache Tomcat 7.0.37Apache Tomcat 7.0.30Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 7.0.43Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.40Apache Tomcat 7.0.3Apache Tomcat 8.0.1Apache Tomcat 8.0.0Apache Tomcat 8.0.3Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.28Apache Tomcat 6.0.36Apache Tomcat 6.0.37Apache Tomcat 6.0.7Apache Tomcat 6.0Apache Tomcat 6.0.0Apache Tomcat 6.0.6Apache Tomcat 6.0.4Apache TomcatApache Tomcat 6Apache Tomcat 6.0.15Apache Tomcat 6.0.20Apache Tomcat 6.0.9Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.32Apache Tomcat 6.0.14Apache Tomcat 6.0.12Apache Tomcat 6.0.2Apache Tomcat 6.0.5Apache Tomcat 6.0.30Apache Tomcat 6.0.13Apache Tomcat 6.0.8Apache Tomcat 6.0.33Apache Tomcat 6.0.1Apache Tomcat 6.0.24Apache Tomcat 6.0.17Apache Tomcat 6.0.26Apache Tomcat 6.0.35Apache Tomcat 6.0.16
5
CVSSv2
CVE-2008-5515
Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access...
Apache Tomcat 4.1.14Apache Tomcat 4.1.15Apache Tomcat 4.1.21Apache Tomcat 4.1.22Apache Tomcat 4.1.29Apache Tomcat 4.1.3Apache Tomcat 4.1.37Apache Tomcat 4.1.38Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.20Apache Tomcat 5.5.21Apache Tomcat 4.1.24Apache Tomcat 5.5.4Apache Tomcat 5.5.7Apache Tomcat 5.5.6Apache Tomcat 4.1.39Apache Tomcat 5.5.15Apache Tomcat 5.5.5Apache Tomcat 4.1.30Apache Tomcat 5.5.22Apache Tomcat 6.0.10Apache Tomcat 6.0.3Apache Tomcat 4.1.31Apache Tomcat 4.1.16Apache Tomcat 4.1.17Apache Tomcat 5.5.0Apache Tomcat 6.0.1Apache Tomcat 6.0.12Apache Tomcat 5.5.24Apache Tomcat 6.0.18Apache Tomcat 5.5.16Apache Tomcat 4.1.0Apache Tomcat 4.1.23Apache Tomcat 6.0.2Apache Tomcat 5.5.23Apache Tomcat 5.5.27Apache Tomcat 4.1.2Apache Tomcat 4.1.35Apache Tomcat 4.1.36Apache Tomcat 5.5.18Apache Tomcat 6.0.6Apache Tomcat 5.5.12Apache Tomcat 5.5.10Apache Tomcat 5.5.1Apache Tomcat 6.0.7Apache Tomcat 5.5.11Apache Tomcat 4.1.25Apache Tomcat 6.0.4Apache Tomcat 5.5.26Apache Tomcat 4.1.27Apache Tomcat 6.0.15Apache Tomcat 4.1.11Apache Tomcat 4.1.18Apache Tomcat 4.1.19Apache Tomcat 6.0.9Apache Tomcat 5.5.3Apache Tomcat 6.0.17Apache Tomcat 6.0Apache Tomcat 4.1.26Apache Tomcat 4.1.13Apache Tomcat 5.5.9Apache Tomcat 5.5.25Apache Tomcat 6.0.0Apache Tomcat 6.0.14Apache Tomcat 5.5.2Apache Tomcat 4.1.33Apache Tomcat 4.1.1Apache Tomcat 4.1.12Apache Tomcat 4.1.28Apache Tomcat 4.1.10Apache Tomcat 5.5.8Apache Tomcat 6.0.5Apache Tomcat 4.1.20Apache Tomcat 5.5.17Apache Tomcat 5.5.19Apache Tomcat 4.1.34Apache Tomcat 4.1.32Apache Tomcat 6.0.13Apache Tomcat 6.0.16
6.8
CVSSv2
CVE-2016-6816
The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid...
Apache Tomcat 6.0.1Apache Tomcat 6.0.2Apache Tomcat 6.0.3Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.18Apache Tomcat 6.0.19Apache Tomcat 6.0.27Apache Tomcat 6.0.28Apache Tomcat 6.0.35Apache Tomcat 6.0.36Apache Tomcat 6.0.43Apache Tomcat 6.0.44Apache Tomcat 6.0.6Apache Tomcat 6.0.7Apache Tomcat 6.0.14Apache Tomcat 6.0.15Apache Tomcat 6.0.22Apache Tomcat 6.0.23Apache Tomcat 6.0.31Apache Tomcat 6.0.32Apache Tomcat 6.0.39Apache Tomcat 6.0.40Apache Tomcat 6.0.47Apache Tomcat 6.0.0Apache Tomcat 6.0.8Apache Tomcat 6.0.9Apache Tomcat 6.0.16Apache Tomcat 6.0.17Apache Tomcat 6.0.24Apache Tomcat 6.0.25Apache Tomcat 6.0.26Apache Tomcat 6.0.33Apache Tomcat 6.0.34Apache Tomcat 6.0.41Apache Tomcat 6.0.42Apache Tomcat 6.0.4Apache Tomcat 6.0.5Apache Tomcat 6.0.12Apache Tomcat 6.0.13Apache Tomcat 6.0.20Apache Tomcat 6.0.21Apache Tomcat 6.0.29Apache Tomcat 6.0.30Apache Tomcat 6.0.37Apache Tomcat 6.0.38Apache Tomcat 6.0.45Apache Tomcat 6.0.46Apache Tomcat 7.0.71Apache Tomcat 7.0.72Apache Tomcat 7.0.66Apache Tomcat 7.0.67Apache Tomcat 7.0.55Apache Tomcat 7.0.56Apache Tomcat 7.0.2Apache Tomcat 7.0.3Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.19Apache Tomcat 7.0.20Apache Tomcat 7.0.27Apache Tomcat 7.0.28Apache Tomcat 7.0.35Apache Tomcat 7.0.36Apache Tomcat 7.0.44Apache Tomcat 7.0.45Apache Tomcat 7.0.62Apache Tomcat 7.0.63Apache Tomcat 7.0.50Apache Tomcat 7.0.51Apache Tomcat 7.0.59Apache Tomcat 7.0.48Apache Tomcat 7.0.6Apache Tomcat 7.0.7Apache Tomcat 7.0.14Apache Tomcat 7.0.15Apache Tomcat 7.0.23Apache Tomcat 7.0.24Apache Tomcat 7.0.31Apache Tomcat 7.0.32Apache Tomcat 7.0.39Apache Tomcat 7.0.40Apache Tomcat 7.0.41Apache Tomcat 7.0.0Apache Tomcat 7.0.70Apache Tomcat 7.0.64Apache Tomcat 7.0.65Apache Tomcat 7.0.52Apache Tomcat 7.0.53Apache Tomcat 7.0.54Apache Tomcat 7.0.49Apache Tomcat 7.0.1Apache Tomcat 7.0.8Apache Tomcat 7.0.9Apache Tomcat 7.0.16Apache Tomcat 7.0.17Apache Tomcat 7.0.18Apache Tomcat 7.0.25Apache Tomcat 7.0.26Apache Tomcat 7.0.33Apache Tomcat 7.0.34Apache Tomcat 7.0.42Apache Tomcat 7.0.43Apache Tomcat 7.0.60Apache Tomcat 7.0.61Apache Tomcat 7.0.68Apache Tomcat 7.0.69Apache Tomcat 7.0.57Apache Tomcat 7.0.58Apache Tomcat 7.0.4Apache Tomcat 7.0.5Apache Tomcat 7.0.12Apache Tomcat 7.0.13Apache Tomcat 7.0.21Apache Tomcat 7.0.22Apache Tomcat 7.0.29Apache Tomcat 7.0.30Apache Tomcat 7.0.37Apache Tomcat 7.0.38Apache Tomcat 7.0.46Apache Tomcat 7.0.47Apache Tomcat 8.0.3Apache Tomcat 8.0.4Apache Tomcat 8.0.11Apache Tomcat 8.0.12Apache Tomcat 8.0.20Apache Tomcat 8.0.21Apache Tomcat 8.0.28Apache Tomcat 8.0.29Apache Tomcat 8.0.36Apache Tomcat 8.0.37Apache Tomcat 8.0.38Apache Tomcat 8.0.7Apache Tomcat 8.0.8Apache Tomcat 8.0.16Apache Tomcat 8.0.17Apache Tomcat 8.0.24Apache Tomcat 8.0.25Apache Tomcat 8.0.32Apache Tomcat 8.0.33Apache Tomcat 8.0.1Apache Tomcat 8.0.2Apache Tomcat 8.0.9Apache Tomcat 8.0.10Apache Tomcat 8.0.18Apache Tomcat 8.0.19Apache Tomcat 8.0.26Apache Tomcat 8.0.27Apache Tomcat 8.0.34Apache Tomcat 8.0.35Apache Tomcat 8.0.5Apache Tomcat 8.0.6Apache Tomcat 8.0.13Apache Tomcat 8.0.14Apache Tomcat 8.0.15Apache Tomcat 8.0.22Apache Tomcat 8.0.23Apache Tomcat 8.0.30Apache Tomcat 8.0.31Apache Tomcat 8.0.0Apache Tomcat 8.5.5Apache Tomcat 8.5.6Apache Tomcat 8.5.1Apache Tomcat 8.5.2Apache Tomcat 8.5.3Apache Tomcat 8.5.4Apache Tomcat 8.5.0Apache Tomcat 9.0.0
5
CVSSv2
CVE-2012-0022
Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a...
Apache Tomcat 5.5.10Apache Tomcat 5.5.1Apache Tomcat 5.5.5Apache Tomcat 5.5.30Apache Tomcat 5.5.9Apache Tomcat 5.5.8Apache Tomcat 5.5.17Apache Tomcat 5.5.18Apache Tomcat 5.5.15Apache Tomcat 5.5.3Apache Tomcat 5.5.22Apache Tomcat 5.5.2Apache Tomcat 5.5.33Apache Tomcat 5.5.4Apache Tomcat 5.5.14Apache Tomcat 5.5.11Apache Tomcat 5.5.32Apache Tomcat 5.5.20Apache Tomcat 5.5.0Apache Tomcat 5.5.25Apache Tomcat 5.5.7Apache Tomcat 5.5.6Apache Tomcat 5.5.16Apache Tomcat 5.5.13Apache Tomcat 5.5.23Apache Tomcat 5.5.26Apache Tomcat 5.5.34Apache Tomcat 5.5.28Apache Tomcat 5.5.27Apache Tomcat 5.5.29Apache Tomcat 5.5.31Apache Tomcat 5.5.12Apache Tomcat 5.5.24Apache Tomcat 5.5.21Apache Tomcat 5.5.19Apache Tomcat 6.0.7Apache Tomcat 6.0.8Apache Tomcat 6.0.0Apache Tomcat 6.0.5Apache Tomcat 6.0.24Apache Tomcat 6.0.13Apache Tomcat 6.0.33Apache Tomcat 6.0.15Apache Tomcat 6.0.30Apache Tomcat 6.0.28Apache Tomcat 6.0.17Apache Tomcat 6.0.3Apache Tomcat 6.0.26Apache Tomcat 6.0.11Apache Tomcat 6.0.10Apache Tomcat 6.0.20Apache Tomcat 6.0.9Apache Tomcat 6.0.29Apache Tomcat 6.0.4Apache Tomcat 6.0.27Apache Tomcat 6.0.31Apache Tomcat 6.0.12Apache Tomcat 6.0Apache Tomcat 6.0.14Apache Tomcat 6.0.6Apache Tomcat 6.0.18Apache Tomcat 6.0.1Apache Tomcat 6.0.2Apache Tomcat 6.0.32Apache Tomcat 6.0.19Apache Tomcat 6.0.16Apache Tomcat 7.0.0Apache Tomcat 7.0.4Apache Tomcat 7.0.21Apache Tomcat 7.0.18Apache Tomcat 7.0.22Apache Tomcat 7.0.1Apache Tomcat 7.0.10Apache Tomcat 7.0.7Apache Tomcat 7.0.9Apache Tomcat 7.0.14Apache Tomcat 7.0.12Apache Tomcat 7.0.5Apache Tomcat 7.0.6Apache Tomcat 7.0.3Apache Tomcat 7.0.15Apache Tomcat 7.0.20Apache Tomcat 7.0.17Apache Tomcat 7.0.11Apache Tomcat 7.0.2Apache Tomcat 7.0.8Apache Tomcat 7.0.13Apache Tomcat 7.0.16Apache Tomcat 7.0.19
2.6
CVSSv2
CVE-2005-3164
The AJP connector in Apache Tomcat 4.0.1 through 4.0.6 and 4.1.0 through 4.1.36, as used in Hitachi Cosminexus Application Server and standalone, does not properly handle when a connection is broken before request body data is sent in a POST request, which can lead to an...
Apache Tomcat 4.0.1Apache Tomcat 4.1.1Apache Tomcat 4.1.10Apache Tomcat 4.1.3Apache Tomcat 4.1.31Apache Tomcat 4.1.36Hitachi Cosminexus Application Server 05 00 05 05 KApache Tomcat 4.0.4Apache Tomcat 4.0.5Apache Tomcat 4.1.2Apache Tomcat 4.1.24Apache Software Foundation Tomcat 4.1.34Hitachi Cosminexus Application Server 05 00 05 05 EApache Tomcat 4.0.6Apache Tomcat 4.1.0Apache Tomcat 4.1.28Hitachi Cosminexus Application Server 05 00 05 05 FHitachi Cosminexus Application Server 05 00 05 05 HApache Tomcat 4.0.2Apache Tomcat 4.0.3Apache Tomcat 4.1.12Apache Tomcat 4.1.15Apache Software Foundation Tomcat 4.1Apache Software Foundation Tomcat 4.1.32
5
CVSSv2
CVE-2012-5887
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with enforcement of proper credentials, which makes it easier for remote attackers to...
Apache Tomcat 5.5.1Apache Tomcat 5.5.28Apache Tomcat 5.5.27Apache Tomcat 5.5.5Apache Tomcat 5.5.4Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.25Apache Tomcat 5.5.10Apache Tomcat 5.5.34Apache Tomcat 5.5.6Apache Tomcat 5.5.15Apache Tomcat 5.5.16Apache Tomcat 5.5.22Apache Tomcat 5.5.23Apache Tomcat 5.5.26Apache Tomcat 5.5.32Apache Tomcat 5.5.20Apache Tomcat 5.5.9Apache Tomcat 5.5.8Apache Tomcat 5.5.29Apache Tomcat 5.5.31Apache Tomcat 5.5.11Apache Tomcat 5.5.12Apache Tomcat 5.5.21Apache Tomcat 5.5.19Apache Tomcat 5.5.30Apache Tomcat 5.5.0Apache Tomcat 5.5.33Apache Tomcat 5.5.7Apache Tomcat 5.5.17Apache Tomcat 5.5.18Apache Tomcat 5.5.24Apache Tomcat 5.5.3Apache Tomcat 5.5.2Apache Tomcat 5.5.35Apache Tomcat 6.0.15Apache Tomcat 6.0.8Apache Tomcat 6.0.9Apache Tomcat 6.0.28Apache Tomcat 6.0.2Apache Tomcat 6.0.0Apache Tomcat 6.0.5Apache Tomcat 6.0.24Apache Tomcat 6.0.13Apache Tomcat 6.0.35Apache Tomcat 6.0.30Apache Tomcat 6.0Apache Tomcat 6.0.7Apache Tomcat 6.0.1Apache Tomcat 6.0.4Apache Tomcat 6.0.27Apache Tomcat 6.0.31Apache Tomcat 6.0.12Apache Tomcat 6.0.14Apache Tomcat 6.0.6Apache Tomcat 6.0.29Apache Tomcat 6.0.17Apache Tomcat 6.0.3Apache Tomcat 6.0.26Apache Tomcat 6.0.11Apache Tomcat 6.0.10Apache Tomcat 6.0.33Apache Tomcat 6.0.18Apache Tomcat 6.0.32Apache Tomcat 6.0.20Apache Tomcat 6.0.19Apache Tomcat 6.0.16Apache Tomcat 7.0.23Apache Tomcat 7.0.2Apache Tomcat 7.0.0Apache Tomcat 7.0.7Apache Tomcat 7.0.19Apache Tomcat 7.0.13Apache Tomcat 7.0.5Apache Tomcat 7.0.1Apache Tomcat 7.0.20Apache Tomcat 7.0.4Apache Tomcat 7.0.22Apache Tomcat 7.0.9Apache Tomcat 7.0.6Apache Tomcat 7.0.21Apache Tomcat 7.0.17Apache Tomcat 7.0.14Apache Tomcat 7.0.3Apache Tomcat 7.0.12Apache Tomcat 7.0.8Apache Tomcat 7.0.28Apache Tomcat 7.0.18Apache Tomcat 7.0.15Apache Tomcat 7.0.10Apache Tomcat 7.0.11Apache Tomcat 7.0.25Apache Tomcat 7.0.16
6.4
CVSSv2
CVE-2014-0227
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request...
Apache Tomcat 6.0.2Apache Tomcat 6.0.7Apache Tomcat 6.0.11Apache Tomcat 6.0.12Apache Tomcat 6.0.20Apache Tomcat 6.0.24Apache Tomcat 6.0.32Apache Tomcat 6.0.33Apache Tomcat 7.0.0Apache Tomcat 7.0.1Apache Tomcat 6.0.0Apache Tomcat 7.0.53Apache Tomcat 6.0.4Apache Tomcat 7.0.39Apache Tomcat 7.0.46Apache Tomcat 6.0.15Apache Tomcat 8.0.1Apache Tomcat 7.0.6Apache Tomcat 7.0.18Apache Tomcat 7.0.23Apache Tomcat 6.0.9Apache Tomcat 7.0.45Apache Tomcat 7.0.31Apache Tomcat 7.0.30Apache Tomcat 7.0.54Apache Tomcat 8.0.0Apache Tomcat 7.0.32Apache Tomcat 6.0.5Apache Tomcat 7.0.24Apache Tomcat 7.0.17Apache Tomcat 7.0.4Apache Tomcat 6.0.8Apache Tomcat 6.0.16Apache Tomcat 7.0.2Apache Tomcat 7.0.49Apache Tomcat 6.0.39Apache Tomcat 7.0.20Apache Tomcat 7.0.5Apache Tomcat 7.0.22Apache Tomcat 7.0.28Apache Tomcat 7.0.50Apache Tomcat 7.0.14Apache Tomcat 6.0.10Apache Tomcat 6.0.31Apache Tomcat 6.0.29Apache Tomcat 6.0.3Apache Tomcat 6.0.1Apache Tomcat 7.0.44Apache Tomcat 6.0.37Apache Tomcat 6.0.17Apache Tomcat 7.0.52Apache Tomcat 7.0.42Apache Tomcat 6.0.28Apache Tomcat 7.0.37Apache Tomcat 7.0.29Apache Tomcat 7.0.13Apache Tomcat 7.0.41Apache Tomcat 7.0.15Apache Tomcat 7.0.16Apache Tomcat 6.0.41Apache Tomcat 7.0.36Apache Tomcat 7.0.35Apache Tomcat 6.0.18Apache Tomcat 7.0.43Apache Tomcat 7.0.38Apache Tomcat 7.0.21Apache Tomcat 7.0.27Apache Tomcat 6.0.30Apache Tomcat 7.0.9Apache Tomcat 8.0.8Apache Tomcat 7.0.3Apache Tomcat 6.0.19Apache Tomcat 7.0.12Apache Tomcat 6.0.6Apache Tomcat 7.0.34Apache Tomcat 7.0.8Apache Tomcat 7.0.26Apache Tomcat 8.0.5Apache Tomcat 7.0.48Apache Tomcat 7.0.11Apache Tomcat 7.0.7Apache Tomcat 7.0.47Apache Tomcat 6.0.14Apache Tomcat 7.0.19Apache Tomcat 7.0.10Apache Tomcat 7.0.25Apache Tomcat 8.0.3Apache Tomcat 7.0.40Apache Tomcat 6.0.13Apache Tomcat 6.0.26Apache Tomcat 6.0.27Apache Tomcat 6.0.35Apache Tomcat 6.0.36Apache Tomcat 7.0.33
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-36542NULL pointer dereferenceCVE-2021-3490CVE-2021-36934code injectionSSRFCVE-2021-34632CVE-2021-33325CVE-2021-27503
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook