8 matches found
GHSA-5M62-PW8W-7W9F Apache Tomcat - Security constraints not correctly applied
Versions Affected: Apache Tomcat 11.0.0-M1 to 11.0.21; Apache Tomcat 10.1.0-M1 to 10.1.54; Apache Tomcat 9.0.0.M1 to 9.0.117. Older, unsupported versions may also be affected. Description: When multiple security constraints defined an HTTP method constraint for the same extension pattern, only the...
Medium: tomcat
Issue Overview: Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage...
EUVD-2018-0522
Malware in sbrugna...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
Exploitation conditions + DefaultServlet write functionality enabled: readonly=false must be configured in web.xml...
Important: tomcat
Issue Overview: Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn l...
PT-2021-5289 · Apache +2 · Apache Tomcat +2
Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 8.5.60 through 8.5.71; Apache Tomcat versions 9.0.40 through 9.0.53; Apache Tomcat versions 10.0.0-M1 through 10.0.11; Apache Tomcat versions 10.1.0-M1 through 10.1.0-M5. Description: The issue is related to a memory leak i...
Apache Tomcat AJP RCE Vulnerability (Ghostcat) - Active Check
Apache Tomcat is prone to a remote code execution (RCE) vulnerability in the AJP connector dubbed 'Ghostcat'. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
tomcat: Host name verification missing in WebSocket client
The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88...