exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 093

GHSA-c78g-qwpw-2jgv

около 3 лет назад

Improper Neutralization of Input During Web Page Generation in Apache Tomcat

EPSS: Средний

GHSA-c57p-3v2g-w9rg

около 3 лет назад

Insertion of Sensitive Information into Log File in Apache Tomcat

EPSS: Низкий

GHSA-c38m-v4m2-524v

около 3 лет назад

Apache Tomcat Allows Remote Attackers to Spoof AJP Requests

EPSS: Низкий

GHSA-9xrj-439h-62hg

около 3 лет назад

Improper Authentication in Apache Tomcat

EPSS: Низкий

GHSA-9hjv-9h75-xmpp

около 3 лет назад

Improper Verification of Source of a Communication Channel in Apache Tomcat

CVSS3: 6.3

EPSS: Низкий

GHSA-9hg2-395j-83rm

около 3 лет назад

Expected Behavior Violation in Apache Tomcat

CVSS3: 9.8

EPSS: Низкий

GHSA-9ggm-7897-x4mg

около 3 лет назад

Improper Input Validation in Apache Tomcat

EPSS: Низкий

GHSA-99rf-92v6-cwx4

около 3 лет назад

Improper Access Control in Apache Tomcat

EPSS: Низкий

GHSA-9785-w233-x6hv

около 3 лет назад

Improper Resource Shutdown or Release in Apache Tomcat

CVSS3: 7.5

EPSS: Средний

GHSA-975h-h4pp-737q

около 3 лет назад

The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.

EPSS: Высокий

GHSA-9737-qmgc-hfr9

около 3 лет назад

Directory Traversal in Apache Tomcat

CVSS3: 5.3

EPSS: Средний

GHSA-8wch-9gcg-v2pr

около 3 лет назад

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat

EPSS: Средний

GHSA-8vmx-qmch-mpqg

около 6 лет назад

Apache Tomcat OS Command Injection vulnerability

CVSS3: 8.1

EPSS: Критический

GHSA-8v5p-2cpv-c2x6

около 3 лет назад

Apache Tomcat Source Code Disclosure

EPSS: Низкий

GHSA-8qq4-8jvq-mfw4

около 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

CVSS3: 7.5

EPSS: Критический

GHSA-8h2q-qm9x-55jc

около 3 лет назад

Denial of Service in Apache Tomcat

EPSS: Средний

GHSA-8g4f-fh7f-4fwh

около 3 лет назад

Apache Tomcat Default Installation Reveals Sensitive Information

EPSS: Средний

GHSA-8f4w-jwqv-5cxc

около 3 лет назад

Apache Tomcat Vulnerable to Denial of Service (DoS) via Simultaneous Requests

EPSS: Средний

GHSA-8c5c-v572-37xf

около 3 лет назад

The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before 7.0.52-1ubuntu0.7 on Ubuntu 14.04 LTS, and tomcat8 and libtomcat8-java packages before 8.0.32-1ubuntu1.2 on Ubuntu 16.04 LTS allows local users with access to the tomcat account to gain root privileges via a symlink attack on the Catalina log file, as demonstrated by /var/log/tomcat7/catalina.out.

CVSS3: 7.8

EPSS: Средний

GHSA-87w9-x2c3-hrjj

около 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-c78g-qwpw-2jgv Improper Neutralization of Input During Web Page Generation in Apache Tomcat		23% Средний	около 3 лет назад
GHSA-c57p-3v2g-w9rg Insertion of Sensitive Information into Log File in Apache Tomcat		0% Низкий	около 3 лет назад
GHSA-c38m-v4m2-524v Apache Tomcat Allows Remote Attackers to Spoof AJP Requests		1% Низкий	около 3 лет назад
GHSA-9xrj-439h-62hg Improper Authentication in Apache Tomcat		1% Низкий	около 3 лет назад
GHSA-9hjv-9h75-xmpp Improper Verification of Source of a Communication Channel in Apache Tomcat	CVSS3: 6.3	0% Низкий	около 3 лет назад
GHSA-9hg2-395j-83rm Expected Behavior Violation in Apache Tomcat	CVSS3: 9.8	10% Низкий	около 3 лет назад
GHSA-9ggm-7897-x4mg Improper Input Validation in Apache Tomcat		0% Низкий	около 3 лет назад
GHSA-99rf-92v6-cwx4 Improper Access Control in Apache Tomcat		3% Низкий	около 3 лет назад
GHSA-9785-w233-x6hv Improper Resource Shutdown or Release in Apache Tomcat	CVSS3: 7.5	28% Средний	около 3 лет назад
GHSA-975h-h4pp-737q The Windows installer for Apache Tomcat 6.0.0 through 6.0.20, 5.5.0 through 5.5.28, and possibly earlier versions uses a blank default password for the administrative user, which allows remote attackers to gain privileges.		89% Высокий	около 3 лет назад
GHSA-9737-qmgc-hfr9 Directory Traversal in Apache Tomcat	CVSS3: 5.3	36% Средний	около 3 лет назад
GHSA-8wch-9gcg-v2pr Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat		10% Средний	около 3 лет назад
GHSA-8vmx-qmch-mpqg Apache Tomcat OS Command Injection vulnerability	CVSS3: 8.1	94% Критический	около 6 лет назад
GHSA-8v5p-2cpv-c2x6 Apache Tomcat Source Code Disclosure		6% Низкий	около 3 лет назад
GHSA-8qq4-8jvq-mfw4 Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat	CVSS3: 7.5	91% Критический	около 3 лет назад
GHSA-8h2q-qm9x-55jc Denial of Service in Apache Tomcat		23% Средний	около 3 лет назад
GHSA-8g4f-fh7f-4fwh Apache Tomcat Default Installation Reveals Sensitive Information		32% Средний	около 3 лет назад
GHSA-8f4w-jwqv-5cxc Apache Tomcat Vulnerable to Denial of Service (DoS) via Simultaneous Requests		21% Средний	около 3 лет назад
GHSA-8c5c-v572-37xf The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before 7.0.52-1ubuntu0.7 on Ubuntu 14.04 LTS, and tomcat8 and libtomcat8-java packages before 8.0.32-1ubuntu1.2 on Ubuntu 16.04 LTS allows local users with access to the tomcat account to gain root privileges via a symlink attack on the Catalina log file, as demonstrated by /var/log/tomcat7/catalina.out.	CVSS3: 7.8	20% Средний	около 3 лет назад
GHSA-87w9-x2c3-hrjj Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat		1% Низкий	около 3 лет назад

Уязвимостей на страницу