Количество 1 263
Количество 1 263
GHSA-p543-jg43-9pm5
Apache Tomcat may be started without proper security settings
GHSA-p26v-97vp-jcx6
Access controll bypass in Apache Tomcat
GHSA-p263-rh6r-g7jw
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
GHSA-p22x-g9px-3945
Apache Tomcat may reject request containing invalid Content-Length header
GHSA-mxxf-x9fw-f2hv
Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries.
GHSA-mv42-px54-87jw
Improper Access Control in Apache Tomcat
GHSA-mppv-79ch-vw6q
Apache Tomcat vulnerable to information leak
GHSA-mg4v-rf8p-ghqq
Apache Tomcat allows remote attackers to bypass intended access restrictions
GHSA-m8w6-7rh6-4xj6
Apache Tomcat Leaks Information via Error Message
GHSA-m8h8-6rvg-f4mg
Apache Tomcat Path Traversal Vulnerability
GHSA-m7xj-ccqc-p4g2
Apache Tomcat Directory Traversal vulnerability
GHSA-jxcv-v856-j5vg
Apache Tomcat Source Code Disclosure
GHSA-jx7c-7mj5-9438
Apache Tomcat Race Condition vulnerability
GHSA-jrcp-c39h-r29x
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
GHSA-jpqr-vh55-xqxf
Apache Tomcat Buffer Over-Read
GHSA-jmvv-524f-hj5j
Improper Handling of Exceptional Conditions in Apache Tomcat
GHSA-jm7m-8jh6-29hp
Apache Tomcat Incomplete Cleanup vulnerability
GHSA-jjxj-xvcp-cxv8
Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet.
GHSA-jjpq-gp5q-8q6w
Cross-site scripting in Apache Tomcat
GHSA-jgm2-m5cg-f66g
Authentication Bypass in Apache Tomcat
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-p543-jg43-9pm5 Apache Tomcat may be started without proper security settings | 1% Низкий | больше 3 лет назад | |
| GHSA-p26v-97vp-jcx6 Access controll bypass in Apache Tomcat | 1% Низкий | больше 3 лет назад | |
| GHSA-p263-rh6r-g7jw Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. | 5% Низкий | больше 3 лет назад | |
| GHSA-p22x-g9px-3945 Apache Tomcat may reject request containing invalid Content-Length header | CVSS3: 7.5 | 0% Низкий | около 3 лет назад |
| GHSA-mxxf-x9fw-f2hv Multiple cross-site scripting (XSS) vulnerabilities in the example web applications for Jakarta Tomcat 5.5.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) el/functions.jsp, (2) el/implicit-objects.jsp, and (3) jspx/textRotate.jspx in examples/jsp2/, as demonstrated via script in a request to snp/snoop.jsp. NOTE: other XSS issues in the manager were simultaneously reported, but these require admin access and do not cross privilege boundaries. | 8% Низкий | больше 3 лет назад | |
| GHSA-mv42-px54-87jw Improper Access Control in Apache Tomcat | CVSS3: 8.8 | 10% Средний | больше 3 лет назад |
| GHSA-mppv-79ch-vw6q Apache Tomcat vulnerable to information leak | CVSS3: 7.5 | 0% Низкий | больше 2 лет назад |
| GHSA-mg4v-rf8p-ghqq Apache Tomcat allows remote attackers to bypass intended access restrictions | 22% Средний | больше 3 лет назад | |
| GHSA-m8w6-7rh6-4xj6 Apache Tomcat Leaks Information via Error Message | 7% Низкий | больше 3 лет назад | |
| GHSA-m8h8-6rvg-f4mg Apache Tomcat Path Traversal Vulnerability | 89% Высокий | больше 3 лет назад | |
| GHSA-m7xj-ccqc-p4g2 Apache Tomcat Directory Traversal vulnerability | 93% Критический | больше 3 лет назад | |
| GHSA-jxcv-v856-j5vg Apache Tomcat Source Code Disclosure | 37% Средний | больше 3 лет назад | |
| GHSA-jx7c-7mj5-9438 Apache Tomcat Race Condition vulnerability | CVSS3: 3.7 | 0% Низкий | около 3 лет назад |
| GHSA-jrcp-c39h-r29x Improper Neutralization of Input During Web Page Generation in Apache Tomcat | CVSS3: 8.1 | 27% Средний | больше 3 лет назад |
| GHSA-jpqr-vh55-xqxf Apache Tomcat Buffer Over-Read | 3% Низкий | больше 3 лет назад | |
| GHSA-jmvv-524f-hj5j Improper Handling of Exceptional Conditions in Apache Tomcat | CVSS3: 7.5 | 11% Средний | больше 3 лет назад |
| GHSA-jm7m-8jh6-29hp Apache Tomcat Incomplete Cleanup vulnerability | CVSS3: 5.9 | 0% Низкий | около 2 лет назад |
| GHSA-jjxj-xvcp-cxv8 Cross-site scripting vulnerability in Apache Tomcat 4.0.3 allows remote attackers to execute script as other web users via script in a URL with the /servlet/ mapping, which does not filter the script when an exception is thrown by the servlet. | 67% Средний | больше 3 лет назад | |
| GHSA-jjpq-gp5q-8q6w Cross-site scripting in Apache Tomcat | CVSS3: 6.1 | 13% Средний | больше 6 лет назад |
| GHSA-jgm2-m5cg-f66g Authentication Bypass in Apache Tomcat | 2% Низкий | больше 3 лет назад |
Уязвимостей на страницу