
11 matches found

SUSE CVE
added 2026/05/06 1:44 a.m., 10 views

SUSE CVE-2026-28780

Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server, this AJP server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker-controlled bytes after the end of a heap-based buffer. This issue...

CVSS 6.5, AI score 5.8, EPSS 0.01325
Exploits: 0, References: 8
Tenable Nessus
added 2026/01/20 12:0 a.m., 10 views

MiracleLinux 4 : tomcat6-6.0.24-114.AXS4 (AXSA:2020-4523:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4523:01 advisory. tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938). Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8, AI score 7.7, EPSS 0.9927
Exploits: 45, References: 2
Tenable Nessus
added 2026/01/20 12:0 a.m., 9 views

MiracleLinux 7 : tomcat-7.0.76-11.el7 (AXSA:2020-4508:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4508:01 advisory. tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability (CVE-2020-1938). Tenable has extracted the preceding description block directly from the MiracleLinu...

CVSS 9.8, AI score 7.7, EPSS 0.9927
Exploits: 45, References: 2
RedhatCVE
added 2026/01/07 9:52 a.m., 11 views

CVE-2013-6009

CRLF injection vulnerability in Open-Xchange AppSuite before 7.2.2, when using AJP in certain conditions, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the ajax/defer servlet...

CVSS 4.3, AI score 7.3, EPSS 0.00958
Exploits: 0, References: 1
Gitee
added 2025/09/14 5:55 p.m., 103 views

Some-PoC-oR-ExP

This repository is an offensive tool for collecting or writing various vulnerability POCs and exploits. The primary vulnerability targeted by the provided code is CNVD-2020-10487, a Tomcat-Ajp LFI (Local File Inclusion) vulnerability. The tool is designed to exploit this vulnerability to gain...

AI score 7.2
Exploits: 0
RedHat Linux
added 2021/08/11 6:21 p.m., 7 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

CVSS 9.8, AI score 7.5, EPSS 0.9927
Exploits: 45, References: 11
RedHat Linux
added 2020/11/04 1:39 a.m., 8 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

CVSS 9.8, AI score 7.5, EPSS 0.9927
Exploits: 45, References: 11
Gitee
added 2020/08/26 7:50 p.m., 10 views

Exploit for CVE-2020-1938

It is an exploit module for CNVD-2020-10487 / CVE-2020-1938, a file read vulnerability in Tomcat AJP. The vulnerability allows an attacker to read files on the server by sending a specially crafted AJP request. The exploit is implemented in Python 2.7 and uses the ajpy library to interact with the...

CVSS 9.8, AI score 6.7, EPSS 0.9927
Exploits: 45
RedHat Linux
added 2020/07/01 10:55 a.m., 10 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

CVSS 9.8, AI score 7.5, EPSS 0.9927
Exploits: 45, References: 11
RedHat Linux
added 2020/04/21 10:55 a.m., 6 views

tomcat: Apache Tomcat AJP File Read/Inclusion Vulnerability

CVE-2020-1938 is a file read/inclusion vulnerability in the AJP connector in Apache Tomcat. This is enabled by default with a default configuration port of 8009. A remote, unauthenticated attacker could exploit this vulnerability to read web application files from a vulnerable server. In instance...

CVSS 9.8, AI score 7.5, EPSS 0.9927
Exploits: 45, References: 11
Vulnrichment
added 2020/02/24 9:19 p.m., 30 views

CVE-2020-1938

When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that...

AI score 9.9, EPSS 0.9927
Exploits: 45, References: 51