Количество 1 143
Количество 1 143
CVE-2001-1563
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension.
CVE-2001-0829
A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message.
CVE-2001-0590
Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0).
CVE-2000-1210
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
CVE-2000-0760
The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.
CVE-2000-0759
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
CVE-2000-0672
The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory.
openSUSE-SU-2021:0330-1
Security update for tomcat
SUSE-SU-2024:3510-1
Security update for tomcat
SUSE-SU-2024:2539-1
Security update for tomcat
SUSE-SU-2024:2485-1
Security update for tomcat
SUSE-SU-2024:2413-1
Security update for tomcat10
SUSE-SU-2023:2504-1
Security update for tomcat
SUSE-SU-2023:2319-1
Security update for tomcat
SUSE-SU-2023:2318-1
Security update for tomcat
SUSE-SU-2021:0531-1
Security update for tomcat
SUSE-SU-2021:0530-1
Security update for tomcat
SUSE-SU-2016:2229-1
Security update for tomcat6
RLSA-2024:5694
Important: tomcat security update
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2001-1563 Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers. | CVSS2: 7.5 | 5% Низкий | больше 23 лет назад |
| CVE-2001-0917 Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. | CVSS2: 5 | 3% Низкий | больше 23 лет назад |
| CVE-2001-0829 A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message. | CVSS2: 5.1 | 1% Низкий | больше 23 лет назад |
| CVE-2001-0590 Apache Software Foundation Tomcat Servlet prior to 3.2.2 allows a remote attacker to read the source code to arbitrary 'jsp' files via a malformed URL request which does not end with an HTTP protocol specification (i.e. HTTP/1.0). | CVSS2: 5 | 22% Средний | около 24 лет назад |
| CVE-2000-1210 Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. | CVSS2: 5 | 4% Низкий | больше 23 лет назад |
| CVE-2000-0760 The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | CVSS2: 6.4 | 38% Средний | почти 25 лет назад |
| CVE-2000-0759 Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | CVSS2: 6.4 | 40% Средний | почти 25 лет назад |
| CVE-2000-0672 The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. | CVSS2: 5 | 3% Низкий | около 25 лет назад |
 | openSUSE-SU-2021:0330-1 Security update for tomcat | 57% Средний | больше 4 лет назад | |
| SUSE-SU-2024:3510-1 Security update for tomcat | 1% Низкий | 11 месяцев назад | |
| SUSE-SU-2024:2539-1 Security update for tomcat | 18% Средний | около 1 года назад | |
| SUSE-SU-2024:2485-1 Security update for tomcat | 18% Средний | около 1 года назад | |
| SUSE-SU-2024:2413-1 Security update for tomcat10 | 18% Средний | около 1 года назад | |
| SUSE-SU-2023:2504-1 Security update for tomcat | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2319-1 Security update for tomcat | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2023:2318-1 Security update for tomcat | 0% Низкий | около 2 лет назад | |
| SUSE-SU-2021:0531-1 Security update for tomcat | 57% Средний | больше 4 лет назад | |
| SUSE-SU-2021:0530-1 Security update for tomcat | 57% Средний | больше 4 лет назад | |
| SUSE-SU-2016:2229-1 Security update for tomcat6 | 66% Средний | почти 9 лет назад | |
 | RLSA-2024:5694 Important: tomcat security update | 18% Средний | 11 месяцев назад |
Уязвимостей на страницу