exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 1 093

GHSA-qfw2-wvrw-mvw4

около 3 лет назад

Jakarta Tomcat Directory Listing vulnerability

EPSS: Средний

GHSA-qff8-g48j-pwpw

около 3 лет назад

Apache Tomcat treats single quotes as delimiters in cookies

EPSS: Высокий

GHSA-qcxh-w3j9-58qr

около 5 лет назад

Apache Tomcat Denial of Service vulnerability

CVSS3: 7.5

EPSS: Средний

GHSA-q9xf-jwr4-v445

около 3 лет назад

Authentication Bypass in Apache Tomcat

EPSS: Низкий

GHSA-q74x-qqhr-f8rx

около 3 лет назад

Apache Tomcat Cross-site scripting (XSS) vulnerability

EPSS: Средний

GHSA-q4hg-rmq2-52q9

почти 6 лет назад

Improper Locking in Apache Tomcat

CVSS3: 7.5

EPSS: Высокий

GHSA-q3mw-pvr8-9ggc

почти 2 года назад

Apache Tomcat Open Redirect vulnerability

CVSS3: 6.1

EPSS: Средний

GHSA-pxwv-88pv-hh3j

около 3 лет назад

org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.

EPSS: Средний

GHSA-pvjh-7h8q-q56r

около 3 лет назад

Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie header

EPSS: Низкий

GHSA-prc3-7f44-w48j

около 3 лет назад

Missing XML Validation in Apache Tomcat

EPSS: Низкий

GHSA-ppj6-9ppm-3h56

около 3 лет назад

The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).

EPSS: Низкий

GHSA-pm78-wxxf-fw98

около 3 лет назад

Cross-site scripting in Apache Tomcat

EPSS: Высокий

GHSA-p57v-p3fx-qgwm

около 3 лет назад

Apache Tomcat XSS Vulnerability

EPSS: Средний

GHSA-p543-jg43-9pm5

около 3 лет назад

Apache Tomcat may be started without proper security settings

EPSS: Низкий

GHSA-p26v-97vp-jcx6

около 3 лет назад

Access controll bypass in Apache Tomcat

EPSS: Низкий

GHSA-p263-rh6r-g7jw

около 3 лет назад

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

EPSS: Низкий

GHSA-p22x-g9px-3945

больше 2 лет назад

Apache Tomcat may reject request containing invalid Content-Length header

CVSS3: 7.5

EPSS: Низкий

GHSA-mxxf-x9fw-f2hv

около 3 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.

EPSS: Средний

GHSA-mv42-px54-87jw

около 3 лет назад

Improper Access Control in Apache Tomcat

CVSS3: 8.8

EPSS: Низкий

GHSA-mppv-79ch-vw6q

почти 2 года назад

Apache Tomcat vulnerable to information leak

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
GHSA-qfw2-wvrw-mvw4 Jakarta Tomcat Directory Listing vulnerability		56% Средний	около 3 лет назад
GHSA-qff8-g48j-pwpw Apache Tomcat treats single quotes as delimiters in cookies		86% Высокий	около 3 лет назад
GHSA-qcxh-w3j9-58qr Apache Tomcat Denial of Service vulnerability	CVSS3: 7.5	64% Средний	около 5 лет назад
GHSA-q9xf-jwr4-v445 Authentication Bypass in Apache Tomcat		5% Низкий	около 3 лет назад
GHSA-q74x-qqhr-f8rx Apache Tomcat Cross-site scripting (XSS) vulnerability		38% Средний	около 3 лет назад
GHSA-q4hg-rmq2-52q9 Improper Locking in Apache Tomcat	CVSS3: 7.5	72% Высокий	почти 6 лет назад
GHSA-q3mw-pvr8-9ggc Apache Tomcat Open Redirect vulnerability	CVSS3: 6.1	11% Средний	почти 2 года назад
GHSA-pxwv-88pv-hh3j org/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28, when the NIO connector is used in conjunction with sendfile and HTTPS, allows remote attackers to cause a denial of service (infinite loop) by terminating the connection during the reading of a response.		37% Средний	около 3 лет назад
GHSA-pvjh-7h8q-q56r Apache Tomcat has cookies without HTTPOnly flag in Set-Cookie header		2% Низкий	около 3 лет назад
GHSA-prc3-7f44-w48j Missing XML Validation in Apache Tomcat		9% Низкий	около 3 лет назад
GHSA-ppj6-9ppm-3h56 The Java Server Pages (JSP) engine in Tomcat allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).		8% Низкий	около 3 лет назад
GHSA-pm78-wxxf-fw98 Cross-site scripting in Apache Tomcat		77% Высокий	около 3 лет назад
GHSA-p57v-p3fx-qgwm Apache Tomcat XSS Vulnerability		14% Средний	около 3 лет назад
GHSA-p543-jg43-9pm5 Apache Tomcat may be started without proper security settings		2% Низкий	около 3 лет назад
GHSA-p26v-97vp-jcx6 Access controll bypass in Apache Tomcat		1% Низкий	около 3 лет назад
GHSA-p263-rh6r-g7jw Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.		2% Низкий	около 3 лет назад
GHSA-p22x-g9px-3945 Apache Tomcat may reject request containing invalid Content-Length header	CVSS3: 7.5	0% Низкий	больше 2 лет назад
GHSA-mxxf-x9fw-f2hv Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.		12% Средний	около 3 лет назад
GHSA-mv42-px54-87jw Improper Access Control in Apache Tomcat	CVSS3: 8.8	8% Низкий	около 3 лет назад
GHSA-mppv-79ch-vw6q Apache Tomcat vulnerable to information leak	CVSS3: 7.5	0% Низкий	почти 2 года назад

Уязвимостей на страницу