CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE•added 2020/02/24 9:19 p.m.•4222 views

CVE-2020-1938

CVE-2020-1938 (Tomcat AJP vulnerability) : The issue affects Apache Tomcat where the AJP Connector, enabled by default in several legacy releases, could be reached through untrusted networks. An attacker could exploit the configured AJP path to read arbitrary files in the web application and pote...

9.8CVSS9.9AI score0.94469EPSS

In wildExploits44References52Affected Software2

Debian CVE•added 2018/01/31 2:0 p.m.•27 views

CVE-2017-15706

As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not correct. As a...

5.3CVSS6AI score0.03301EPSS

Exploits0

Tenable Nessus•added 2013/05/20 12:0 a.m.•13 views

Apache Tomcat 7.0.x < 7.0.40 Information Disclosure

Binary data 800784.prm...

2.6CVSS7.3AI score0.08446EPSS

Exploits2References2

UbuntuCve•added 2011/04/08 3:17 p.m.•32 views

CVE-2011-1475

The HTTP BIO connector in Apache Tomcat 7.0.x before 7.0.12 does not properly handle HTTP pipelining, which allows remote attackers to read responses intended for other clients in opportunistic circumstances by examining the application data in HTTP packets, related to "a mix-up of responses for...

5CVSS5.9AI score0.11701EPSS

Exploits0References1

Tenable Nessus•added 2011/02/13 12:0 a.m.•16 views

Apache Tomcat 7.0.x < 7.0.8 Denial of Service Vulnerability

Binary data 800621.prm...

5CVSS7.3AI score0.16272EPSS

Exploits0References2

Tenable Nessus•added 2011/02/13 12:0 a.m.•13 views

Apache Tomcat 7.0.x < 7.0.5 Multiple XSS

Binary data 5793.pasl...

4.3CVSS7.3AI score0.11901EPSS

Exploits1References2