exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 263

GHSA-6vx3-hr43-cfrh

больше 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

CVSS3: 4.3

EPSS: Низкий

GHSA-6v52-mj5r-7j2m

около 7 лет назад

Apache Tomcat Race Condition vulnerability

CVSS3: 5.9

EPSS: Низкий

GHSA-6qr6-x7jm-x2q6

больше 3 лет назад

Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat

CVSS3: 4.3

EPSS: Низкий

GHSA-6m48-jxwx-76q7

больше 3 лет назад

Improper Authentication in Apache Tomcat

EPSS: Низкий

GHSA-6j8f-66vh-39mj

больше 3 лет назад

Apache Tomcat Mishandles Character Sequence in Cookies

EPSS: Высокий

GHSA-6j88-6whg-x687

больше 3 лет назад

Cross-site Scripting in Apache Tomcat

CVSS3: 6.1

EPSS: Средний

GHSA-6gjj-c5mj-4cvp

больше 3 лет назад

Improper Input Validation in Apache Tomcat

EPSS: Средний

GHSA-6cr4-7c7p-p3xv

больше 3 лет назад

Use of Hard-coded Cryptographic Key in Apache Tomcat

EPSS: Низкий

GHSA-698c-2x4j-g9gq

больше 3 лет назад

Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat

CVSS3: 7.5

EPSS: Низкий

GHSA-68g5-8q7f-m384

больше 3 лет назад

Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat

CVSS3: 7.5

EPSS: Низкий

GHSA-653p-vg55-5652

около 1 года назад

Apache Tomcat Uncontrolled Resource Consumption vulnerability

CVSS3: 5.3

EPSS: Низкий

GHSA-5xvw-jhvw-hvp2

больше 3 лет назад

The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to gain root privileges via a setgid program in the Catalina directory, as demonstrated by /etc/tomcat8/Catalina/attack.

CVSS3: 7.8

EPSS: Низкий

GHSA-5x5f-9r6q-q7mh

больше 3 лет назад

Apache Tomcat Sensitive Information Disclosure

EPSS: Низкий

GHSA-5jpg-mjvg-hfhp

больше 3 лет назад

Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.

EPSS: Низкий

GHSA-5j33-cvvr-w245

около 1 года назад

Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability

CVSS3: 9.8

EPSS: Высокий

GHSA-5hgm-qm5m-5vmw

больше 3 лет назад

Jakarta Tomcat cross-site scripting (XSS) vulnerability

EPSS: Средний

GHSA-5cw4-ggx9-36vg

больше 3 лет назад

Apache Tomcat Denial of Service via Malformed Request Headers

EPSS: Средний

GHSA-5c5p-jxvx-x7j2

больше 3 лет назад

Apache Tomcat vulnerable to Cross-site Scripting

EPSS: Низкий

GHSA-58hj-575g-5j25

больше 3 лет назад

Apache Tomcat allows webmasters to insert xss into error messages

EPSS: Низкий

GHSA-4j3c-42xv-3f84

5 месяцев назад

Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-6vx3-hr43-cfrh Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat	CVSS3: 4.3	1% Низкий	больше 3 лет назад
GHSA-6v52-mj5r-7j2m Apache Tomcat Race Condition vulnerability	CVSS3: 5.9	9% Низкий	около 7 лет назад
GHSA-6qr6-x7jm-x2q6 Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat	CVSS3: 4.3	1% Низкий	больше 3 лет назад
GHSA-6m48-jxwx-76q7 Improper Authentication in Apache Tomcat		4% Низкий	больше 3 лет назад
GHSA-6j8f-66vh-39mj Apache Tomcat Mishandles Character Sequence in Cookies		76% Высокий	больше 3 лет назад
GHSA-6j88-6whg-x687 Cross-site Scripting in Apache Tomcat	CVSS3: 6.1	17% Средний	больше 3 лет назад
GHSA-6gjj-c5mj-4cvp Improper Input Validation in Apache Tomcat		15% Средний	больше 3 лет назад
GHSA-6cr4-7c7p-p3xv Use of Hard-coded Cryptographic Key in Apache Tomcat		5% Низкий	больше 3 лет назад
GHSA-698c-2x4j-g9gq Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat	CVSS3: 7.5	0% Низкий	больше 3 лет назад
GHSA-68g5-8q7f-m384 Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat	CVSS3: 7.5	4% Низкий	больше 3 лет назад
GHSA-653p-vg55-5652 Apache Tomcat Uncontrolled Resource Consumption vulnerability	CVSS3: 5.3	7% Низкий	около 1 года назад
GHSA-5xvw-jhvw-hvp2 The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to gain root privileges via a setgid program in the Catalina directory, as demonstrated by /etc/tomcat8/Catalina/attack.	CVSS3: 7.8	0% Низкий	больше 3 лет назад
GHSA-5x5f-9r6q-q7mh Apache Tomcat Sensitive Information Disclosure		4% Низкий	больше 3 лет назад
GHSA-5jpg-mjvg-hfhp Apache Tomcat 5.5.0 and 4.1.0 through 4.1.31 allows remote attackers to bypass an IP address restriction and obtain sensitive information via a request that is processed concurrently with another request but in a different thread, leading to an instance-variable overwrite associated with a "synchronization problem" and lack of thread safety, and related to RemoteFilterValve, RemoteAddrValve, and RemoteHostValve.		4% Низкий	больше 3 лет назад
GHSA-5j33-cvvr-w245 Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability	CVSS3: 9.8	88% Высокий	около 1 года назад
GHSA-5hgm-qm5m-5vmw Jakarta Tomcat cross-site scripting (XSS) vulnerability		27% Средний	больше 3 лет назад
GHSA-5cw4-ggx9-36vg Apache Tomcat Denial of Service via Malformed Request Headers		14% Средний	больше 3 лет назад
GHSA-5c5p-jxvx-x7j2 Apache Tomcat vulnerable to Cross-site Scripting		1% Низкий	больше 3 лет назад
GHSA-58hj-575g-5j25 Apache Tomcat allows webmasters to insert xss into error messages		1% Низкий	больше 3 лет назад
GHSA-4j3c-42xv-3f84 Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector	CVSS3: 7.5	0% Низкий	5 месяцев назад

Уязвимостей на страницу