Lucene search
+L

180 matches found

CNVD
CNVD
added 2018/10/08 12:0 a.m.7 views

Apache Tomcat Open Redirect Vulnerability

Apache Tomcat is a lightweight Web application server. Apache Tomcat suffers from an open redirection vulnerability, where when the default servlet returns a redirection to a directory e.g., to '/ foo /' when a user requests '/ foo', a specially crafted URL can be used to generate the redirection...

4.3CVSS5.7AI score0.94494EPSS
Exploits3References1
OpenVAS
OpenVAS
added 2018/10/05 12:0 a.m.163 views

Apache Tomcat Open Redirect Vulnerability - Windows

When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

4.3CVSS5.5AI score0.94494EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2018/10/05 12:0 a.m.79 views

Apache Tomcat Open Redirect Vulnerability - Linux

When the default servlet in Apache Tomcat returned a redirect to a directory e.g. redirecting to SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

4.3CVSS5.5AI score0.94494EPSS
Exploits3References3
Prion
Prion
added 2018/10/04 1:29 p.m.38 views

Design/Logic Flaw

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS4.6AI score0.94494EPSS
Exploits3References39Affected Software14
NVD
NVD
added 2018/10/04 1:29 p.m.27 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS4.9AI score0.94494EPSS
Exploits3References39
OSV
OSV
added 2018/10/04 1:29 p.m.41 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS6.6AI score
Exploits0References39
Cvelist
Cvelist
added 2018/10/04 1:0 p.m.36 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

5.2AI score0.94494EPSS
Exploits3References39
Debian CVE
Debian CVE
added 2018/10/04 1:0 p.m.52 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS6AI score0.94494EPSS
Exploits3
Veracode
Veracode
added 2018/10/04 9:6 a.m.43 views

Open Redirection

tomcat-catalina is vulnerable to open redirection. The vulnerability is possible because the library creates a protocol-relative redirect in the default servlet when generating a redirect to a directory, allowing an attack through any malicious URL...

4.3CVSS5.1AI score0.94494EPSS
Exploits3References59Affected Software2
UbuntuCve
UbuntuCve
added 2018/10/04 12:0 a.m.34 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS6.4AI score0.94494EPSS
Exploits3References3
RedHat Linux
RedHat Linux
added 2018/10/03 1:54 p.m.6 views

tomcat: Open redirect in default servlet

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS6.8AI score0.94494EPSS
Exploits3References7
RedHat Linux
RedHat Linux
added 2018/10/03 1:42 p.m.5 views

tomcat: Open redirect in default servlet

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a specially crafted URL could be used to cause the redirect to be generated to any URI of the...

4.3CVSS6.8AI score0.94494EPSS
Exploits3References7
Apache Tomcat
Apache Tomcat
added 2018/09/10 12:0 a.m.128 views

Fixed in Apache Tomcat 9.0.12

Moderate: Open Redirect CVE-2018-11784 When the default servlet returned a redirect to a directory e.g. redirecting to /foo/ when the user requested /foo a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. This was fixed in revision...

4.3CVSS5.2AI score0.94494EPSS
Exploits3Affected Software1
Apache Tomcat
Apache Tomcat
added 2018/09/10 12:0 a.m.91 views

Fixed in Apache Tomcat 8.5.34

Moderate: Open Redirect CVE-2018-11784 When the default servlet returned a redirect to a directory e.g. redirecting to /foo/ when the user requested /foo a specially crafted URL could be used to cause the redirect to be generated to any URI of the attackers choice. This was fixed in revision...

4.3CVSS5.2AI score0.94494EPSS
Exploits3Affected Software1
CNVD
CNVD
added 2018/08/03 12:0 a.m.6 views

Apache Axis Cross-Site Scripting Vulnerability

Apache Axis is the United States Apache Apache Software Foundation , an open source , XML-based Web services architecture , which includes Java and C++ language implementation of the SOAP server , as well as a variety of utility services and APIs to generate and deploy Web services applications ....

6.1CVSS7AI score0.10554EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2018/08/02 9:18 p.m.34 views

CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...

6.1CVSS2AI score0.10554EPSS
Exploits0References2
Prion
Prion
added 2018/08/02 1:29 p.m.18 views

Cross site scripting

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...

4.3CVSS6.9AI score0.10554EPSS
Exploits0References14Affected Software38
UbuntuCve
UbuntuCve
added 2018/08/02 1:29 p.m.35 views

CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...

6.1CVSS6.8AI score0.10554EPSS
Exploits0References4
OSV
OSV
added 2018/08/02 1:29 p.m.24 views

CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...

6.1CVSS5.6AI score
Exploits0References15
OSV
OSV
added 2018/08/02 1:29 p.m.1 views

DEBIAN-CVE-2018-8032

Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting XSS attack in the default servlet/services...

6.1CVSS6.7AI score0.10554EPSS
Exploits0References1
Rows per page
Query Builder