6 matches found
CVE-2019-17563
When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. The window was considered too narrow for an exploit to be practical but, erring on the side of caution, th...
Apache Tomcat 7.0.0 < 7.0.2
The version of Tomcat installed on the remote host is prior to 7.0.2. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.2security-7 advisory. - Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid...
FreeBSD : payara -- Code execution via crafted PUT requests to JSPs (22bc5327-f33f-11e8-be46-0019dbb15b3f)
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default to false it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it containe...
Apache Tomcat 7.0.0 < 7.0.82
The version of Tomcat installed on the remote host is prior to 7.0.82. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat7.0.82security-7 advisory. - When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81...
Tomcat full system packet DoS denial of service vulnerability CVE-2014-0230-vulnerability warning-the black bar safety net
Tomcat has disclosed CVE-2014-0230, a DoS denial of service vulnerability. The vulnerability risk level is LOW; the affected versions include: - Apache Tomcat 8.0.0-RC1 to 8.0.8 - Apache Tomcat 7.0.0 to 7.0.54 - Apache Tomcat 6.0.0 to 6.0.43. The problem occurs with the...
CVE-2010-3718
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write files outside of the intended working directory, as demonstrated using a directory traversal attac...