266 matches found

Apache Tomcat
added 2011/01/13 12:0 a.m. · 39 views

Fixed in Apache Tomcat 6.0.30

Low: Cross-site scripting (CVE-2011-0013). The HTML Manager interface displayed web-application-provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administrative user when viewing the manager pages. This was fixed in revision...

CVSS 4.3 · AI score 5.6 · EPSS 0.42009
Exploits 4 · Affected Software 1
Positive Technologies
added 2011/01/13 12:0 a.m. · 7 views

PT-2011-1433 · Apache +2 · Apache Tomcat +2

Name of the Vulnerable Software and Affected Versions: Apache Tomcat versions 7.0.0 through 7.0.3; Apache Tomcat version 6.0.x; Apache Tomcat version 5.5.x. Description: The issue allows local web applications to read or write files outside of the intended working directory when running within a...

CVSS 7.5 · AI score 5.9 · EPSS 0.9444
Exploits 42 · References 111
Apache Tomcat
added 2010/10/21 12:0 a.m. · 45 views

Fixed in Apache Tomcat 7.0.4

Low: SecurityManager file permission bypass (CVE-2010-3718). When running under a SecurityManager, access to the file system is limited, but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate file...

CVSS 1.2 · AI score 5.3 · EPSS 0.01353
Exploits 1 · Affected Software 1
Zero Day Initiative
added 2010/10/12 12:0 a.m. · 32 views

Oracle Database Java Stored Procedure Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to break out of the Java Sandbox implemented by Oracle's relational database. Authentication is required in that a user must be able to create a Java stored procedure to trigger the issue. The specific flaw exists within Oracle's custom SecurityManager...

CVSS 9 · AI score 6.8 · EPSS 0.01732
Exploits 0 · References 1
securityvulns
added 2010/04/06 12:0 a.m. · 60 views

ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-10-055 April 5, 2010 -- CVE ID: CVE-2010-0095 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- Vulnerabili...

CVSS 6.8 · EPSS 0.03036
Exploits 0
Zero Day Initiative
added 2010/04/05 12:0 a.m. · 40 views

Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability

This vulnerability allows remote attackers to violate security policies on vulnerable installations of Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must run a malicious applet. The specific flaw allows malicious applets to connect to network...

CVSS 10 · AI score 2.5 · EPSS 0.03036
Exploits 0 · References 1