60 matches found

Nuclei
added yesterday, 211 views

Jakarta Tomcat 3.1 and 3.0 - Information Disclosure

Jakarta Tomcat 3.1 and 3.0 under Apache contain a vulnerability in the Snoop servlet that reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension, exploit requires remote access. id: CVE-2000-0760 info: name: Jakarta Tomcat 3.1 and 3.0 -...

CVSS 6.4 | AI score 5.8 | EPSS 0.62496
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2001-0900

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.08176
Exploits 0 | References 12

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2003-0041

Malware in sbrugna...

CVSS 5 | AI score 6.1 | EPSS 0.04049
Exploits 0 | References 16

EUVD
added 2025/10/07 12:30 a.m., 6 views

EUVD-2000-0668

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.09846
Exploits 1 | References 4

EUVD
added 2025/10/03 8:7 p.m., 12 views

EUVD-2022-1852

Malicious code in bioql PyPI...

CVSS 5 | AI score 6.4 | EPSS 0.02491
Exploits 0 | References 3

F5 Networks
added 2023/02/21 6:19 p.m., 385 views

K16828: Apache Tomcat vulnerability CVE-2005-2090

Security Advisory Description Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length...

CVSS 4.3 | AI score 6.3 | EPSS 0.29784
Exploits 4

Github Security Blog
added 2022/05/01 2:4 a.m., 43 views

Tomcat Vulnerable to Web Cache Poisoning

Jakarta Tomcat 5.0.19 Coyote/1.1 and Tomcat 4.1.24 Coyote/1.0 allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Tomcat t...

CVSS 4.3 | AI score 6.4 | EPSS 0.29784
Exploits 4 | References 35 | Affected Software 1

Github Security Blog
added 2022/04/30 6:14 p.m., 23 views

Jakarta Apache Tomcat Reveals Physical Paths

Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path...

CVSS 6.4 | AI score 6.6 | EPSS 0.2566
Exploits 1 | References 2 | Affected Software 1

OSV
added 2022/04/30 6:14 p.m., 19 views

GHSA-QG4G-6JCQ-RW93 Jakarta Apache Tomcat Reveals Physical Paths

Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path...

CVSS 6.4 | AI score 5.9 | EPSS 0.2566
Exploits 1 | References 1

Github Security Blog
added 2022/04/29 1:25 a.m., 30 views

Jakarta Tomcat cross-site scripting (XSS) vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...

CVSS 6.8 | AI score 6.2 | EPSS 0.09133
Exploits 0 | References 12 | Affected Software 1

OSV
added 2022/04/29 1:25 a.m., 25 views

GHSA-5HGM-QM5M-5VMW Jakarta Tomcat cross-site scripting (XSS) vulnerability

Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML...

CVSS 6.8 | AI score 5.6 | EPSS 0.09133
Exploits 0 | References 11

Github Security Blog
added 2022/04/29 1:25 a.m., 26 views

Jakarta Tomcat Denial of Service vulnerability

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...

CVSS 5 | AI score 6.8 | EPSS 0.02491
Exploits 0 | References 4 | Affected Software 1

Github Security Blog
added 2022/04/29 1:25 a.m., 30 views

Jakarta Tomcat Directory Listing vulnerability

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character...

CVSS 5 | AI score 7 | EPSS 0.46035
Exploits 0 | References 12 | Affected Software 1

OSV
added 2022/04/29 1:25 a.m., 17 views

GHSA-W97X-XFXF-F9XJ Jakarta Tomcat Denial of Service vulnerability

Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp...

CVSS 5 | AI score 6.4 | EPSS 0.02491
Exploits 0 | References 3

OSV
added 2022/04/29 1:25 a.m., 30 views

GHSA-QFW2-WVRW-MVW4 Jakarta Tomcat Directory Listing vulnerability

Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character...

CVSS 5 | AI score 6.4 | EPSS 0.46035
Exploits 0 | References 12

Veracode
added 2019/03/25 8:40 a.m., 19 views

Information Disclosure

Jakarta Tomcat is vulnerable to information disclosure. An Error 404 generates an error message that contains the full file system page of the current context with the physical path, allowing a remote attacker to perform further attacks against the server...

CVSS 6.4 | AI score 5.5 | EPSS 0.2566
Exploits 1 | References 5 | Affected Software 1

seebug.org
added 2014/07/01 12:0 a.m., 15 views

Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver...

AI score 7.1
Exploits 0

OpenVAS
added 2009/10/10 12:0 a.m., 40 views

SLES9: Security update for jakarta-tomcat

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: jakarta-tomcat For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5012618 within...

CVSS 5 | AI score 6.3 | EPSS 0.90768
Exploits 2 | References 1

OpenVAS
added 2009/10/10 12:0 a.m., 41 views

SLES9: Security update for Tomcat

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache-jakarta-tomcat-connectors apache2-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please vis...

CVSS 4.3 | AI score 7.6 | EPSS 0.99708
Exploits 22 | References 1

OpenVAS
added 2009/10/10 12:0 a.m., 34 views

SLES9: Security update for Tomcat

The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: apache2-jakarta-tomcat-connectors apache-jakarta-tomcat-connectors jakarta-tomcat jakarta-tomcat-doc jakarta-tomcat-examples For more information, please vis...

CVSS 5 | AI score 7.5 | EPSS 0.45579
Exploits 8