CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OpenVAS•added 2023/03/08 12:0 a.m.•29 views

Debian: Security Advisory (DLA-435-1)

8.8CVSS7AI score0.4988EPSS

F5 Networks•added 2023/02/21 7:2 p.m.•84 views

K58084500: Apache Tomcat 6.x vulnerabilities CVE-2016-0714

Security Advisory Description The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute...

8.8CVSS8.6AI score0.07095EPSS

Exploits0Affected Software17

F5 Networks•added 2023/02/21 5:32 p.m.•43 views

K30971148: Apache Tomcat 6.x vulnerability CVE-2015-5174

Security Advisory Description Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.65, and 8.x before 8.0.27 allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. slash dot dot in...

4.3CVSS6.5AI score0.04801EPSS

Exploits0Affected Software17

SUSE CVE•added 2023/02/15 5:45 a.m.•2 views

SUSE CVE-2012-3544

Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming data...

5CVSS8.6AI score0.44772EPSS

Exploits1References7

SUSE CVE•added 2023/02/15 5:39 a.m.•1 views

SUSE CVE-2013-2067

java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a...

6.8CVSS7.1AI score0.10445EPSS

Exploits2References4

OSV•added 2022/05/01 5:44 p.m.•36 views

GHSA-4PRH-GQW8-RGH5 Apache Tomcat Directory Traversal

Directory traversal vulnerability in Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules modproxy, modrewrite, modjk, allows remote attackers to read arbitrary files via a .. dot dot sequence with combinations of 1 / slash, 2 \ backslash, and 3 URL-encoded backslash %...

5CVSS6.2AI score0.90452EPSS

Exploits2References34

Tenable Nessus•added 2018/03/12 12:0 a.m.•12 views

Solaris 10 (sparc) : 152514-02

SunOS 5.10: Tomcat 6 Patch. Date this patch was last updated by Sun : Jun/15/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2018/03/12 12:0 a.m.•13 views

Solaris 10 (x86) : 152515-01

SunOS 5.10x86: Tomcat 6 Patch. Date this patch was last updated by Sun : Feb/09/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2018/03/12 12:0 a.m.•19 views

Solaris 10 (x86) : 152515-02

SunOS 5.10x86: Tomcat 6 Patch. Date this patch was last updated by Sun : Jun/15/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2018/03/12 12:0 a.m.•15 views

Solaris 10 (sparc) : 152514-01

SunOS 5.10: Tomcat 6 Patch. Date this patch was last updated by Sun : Feb/09/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

Tenable Nessus•added 2018/03/06 12:0 a.m.•63 views

F5 Networks BIG-IP : Apache Tomcat 6.x vulnerability (K34341852)

The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.67, 8.x before 8.0.30, and 9.x before 9.0.0.M2 processes redirects before considering security constraints and Filters, which allows remote attackers to determine the existence of a directory via a URL that lacks a trailing /...

5.3CVSS6.8AI score0.4988EPSS

Tenable Nessus•added 2018/03/06 12:0 a.m.•34 views

F5 Networks BIG-IP : Apache Tomcat 6.x vulnerability (K18174924)

Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list, which allows remote authenticated users to bypass intended...

4.3CVSS6.8AI score0.01434EPSS

Tenable Nessus•added 2017/02/13 12:0 a.m.•49 views

Solaris 10 (sparc) : 152514-02 (deprecated)

SunOS 5.10: Tomcat 6 Patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 152514 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...

Tenable Nessus•added 2017/02/13 12:0 a.m.•19 views

Solaris 10 (x86) : 152515-02 (deprecated)

SunOS 5.10x86: Tomcat 6 Patch. Date this patch was last updated by Sun : Jun/15/17 This plugin has been deprecated and either replaced with individual 152515 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...