exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 093

GHSA-xmf4-j3j7-xj7q

около 3 лет назад

Apache Tomcat DoS Via Requests Including Null Characters

EPSS: Низкий

GHSA-xmc9-6p56-3c4v

около 3 лет назад

Apache Tomcat XSS In Accept-Language Headers

EPSS: Средний

GHSA-xh5x-j8jf-pcpx

около 3 лет назад

Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat

EPSS: Высокий

GHSA-xcpr-7mr4-h4xq

7 месяцев назад

Apache Tomcat - Authentication Bypass

CVSS3: 9.8

EPSS: Низкий

GHSA-x89r-2wjq-mj7x

около 3 лет назад

Apache Tomcat Discloses MS-DOS Pathname

EPSS: Средний

GHSA-x75h-2jg7-ffxw

около 3 лет назад

Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.

EPSS: Низкий

GHSA-x445-mmpw-7r4f

около 3 лет назад

Apache Tomcat Allows Source Disclosure

EPSS: Средний

GHSA-wr3m-gw98-mc3j

около 3 лет назад

Improper Input Validation in Apache Tomcat

EPSS: Высокий

GHSA-wq2p-q66w-q8gp

около 3 лет назад

Apache Tomcat Denial of Service vulnerability

EPSS: Высокий

GHSA-wjwr-3jch-479j

около 3 лет назад

Apache Tomcat SendMailServlet XSS

EPSS: Средний

GHSA-wfvx-wr33-m97w

около 3 лет назад

The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.

CVSS3: 7.8

EPSS: Низкий

GHSA-wfj7-mhr5-pcwq

около 3 лет назад

Apache Tomcat Reveals Directories

EPSS: Средний

GHSA-wf5v-jhxj-q632

около 3 лет назад

Denial of service in Apache Tomcat

EPSS: Средний

GHSA-w97x-xfxf-f9xj

около 3 лет назад

Jakarta Tomcat Denial of Service vulnerability

EPSS: Низкий

GHSA-w7cg-5969-678w

около 3 лет назад

Apache Tomcat allows remote attackers to bypass a CSRF protection mechanism by using a token

CVSS3: 8.8

EPSS: Низкий

GHSA-w6q7-ww2x-7gm3

около 3 лет назад

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat

EPSS: Средний

GHSA-w65j-cmqc-37p2

около 3 лет назад

JULI logging component in Apache Tomcat does not restrict certain permissions for web applications

EPSS: Средний

GHSA-w3j5-q8f2-3cqq

около 3 лет назад

Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat

CVSS3: 7.5

EPSS: Низкий

GHSA-w227-xcfx-3pj8

около 3 лет назад

Exposure of Sensitive Information in Apache Tomcat

EPSS: Высокий

GHSA-vch7-92vf-jm44

около 3 лет назад

Apache Tomcat does not follow ServletSecurity annotations

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-xmf4-j3j7-xj7q Apache Tomcat DoS Via Requests Including Null Characters		2% Низкий	около 3 лет назад
GHSA-xmc9-6p56-3c4v Apache Tomcat XSS In Accept-Language Headers		52% Средний	около 3 лет назад
GHSA-xh5x-j8jf-pcpx Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat		73% Высокий	около 3 лет назад
GHSA-xcpr-7mr4-h4xq Apache Tomcat - Authentication Bypass	CVSS3: 9.8	1% Низкий	7 месяцев назад
GHSA-x89r-2wjq-mj7x Apache Tomcat Discloses MS-DOS Pathname		18% Средний	около 3 лет назад
GHSA-x75h-2jg7-ffxw Cross-site scripting (XSS) vulnerability in jsp/cal/cal2.jsp in the calendar application in the examples web application in Apache Tomcat on Red Hat Enterprise Linux 5, Desktop Workstation 5, and Linux Desktop 5 allows remote attackers to inject arbitrary web script or HTML via the time parameter, related to "invalid HTML." NOTE: this is due to a missing fix for CVE-2009-0781.		1% Низкий	около 3 лет назад
GHSA-x445-mmpw-7r4f Apache Tomcat Allows Source Disclosure		17% Средний	около 3 лет назад
GHSA-wr3m-gw98-mc3j Improper Input Validation in Apache Tomcat		74% Высокий	около 3 лет назад
GHSA-wq2p-q66w-q8gp Apache Tomcat Denial of Service vulnerability		79% Высокий	около 3 лет назад
GHSA-wjwr-3jch-479j Apache Tomcat SendMailServlet XSS		42% Средний	около 3 лет назад
GHSA-wfvx-wr33-m97w The postinst script in the tomcat6 package before 6.0.45+dfsg-1~deb7u4 on Debian wheezy, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u8 on Debian wheezy, before 7.0.56-3+deb8u6 on Debian jessie, before 7.0.52-1ubuntu0.8 on Ubuntu 14.04 LTS, and on Ubuntu 12.04 LTS, 16.04 LTS, and 16.10; and the tomcat8 package before 8.0.14-1+deb8u5 on Debian jessie, before 8.0.32-1ubuntu1.3 on Ubuntu 16.04 LTS, before 8.0.37-1ubuntu0.1 on Ubuntu 16.10, and before 8.0.38-2ubuntu1 on Ubuntu 17.04 might allow local users with access to the tomcat account to obtain sensitive information or gain root privileges via a symlink attack on the Catalina localhost directory.	CVSS3: 7.8	0% Низкий	около 3 лет назад
GHSA-wfj7-mhr5-pcwq Apache Tomcat Reveals Directories		52% Средний	около 3 лет назад
GHSA-wf5v-jhxj-q632 Denial of service in Apache Tomcat		13% Средний	около 3 лет назад
GHSA-w97x-xfxf-f9xj Jakarta Tomcat Denial of Service vulnerability		2% Низкий	около 3 лет назад
GHSA-w7cg-5969-678w Apache Tomcat allows remote attackers to bypass a CSRF protection mechanism by using a token	CVSS3: 8.8	2% Низкий	около 3 лет назад
GHSA-w6q7-ww2x-7gm3 Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat		12% Средний	около 3 лет назад
GHSA-w65j-cmqc-37p2 JULI logging component in Apache Tomcat does not restrict certain permissions for web applications		12% Средний	около 3 лет назад
GHSA-w3j5-q8f2-3cqq Concurrent Execution using Shared Resource with Improper Synchronization in Apache Tomcat	CVSS3: 7.5	9% Низкий	около 3 лет назад
GHSA-w227-xcfx-3pj8 Exposure of Sensitive Information in Apache Tomcat		89% Высокий	около 3 лет назад
GHSA-vch7-92vf-jm44 Apache Tomcat does not follow ServletSecurity annotations		16% Средний	около 3 лет назад

Уязвимостей на страницу