[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 26404 Download | Alert*

The host is installed with Apache Tomcat 6.0.x before 6.0.40, 7.x before 7.0.54 or 8.x before 8.0.6 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted web application. Successful exploitation allows remote attackers to (1) read arbitrary files via a crafted web application that provides an XML external entity declaration in c ...

The host is installed with Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55 or 8.x before 8.0.9 and is prone to a denial of service vulnerability. A flaw is present in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java, which does not properly handle attempts to continue reading data after an error has occurred. Successful exploitation allows remote attackers to conduct HTTP request s ...

The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M2 and is prone to a security bypass vulnerability. A flaw is present in the session-persistence implementation, which mishandles session attributes. Successful exploitation allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code ...

The host is installed with Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M2 and is prone to a security bypass vulnerability. A flaw is present in the application, which does not place org.apache.catalina.manager.StatusManagerServlet on the org/apache/catalina/core/RestrictedServlets.properties list. Successful exploitation allows remote authenticated use ...

The host is installed with Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31 or 9.x before 9.0.0.M3 and is prone to a security bypass vulnerability. A flaw is present in the setGlobalContext method, which does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized. Successful exploitation allows remote authenticated users to bypass intended SecurityManager restrictions a ...

The host is installed with Apache Tomcat 6.0.x to 6.0.47, 7.x to 7.0.72, 8.0.0 to 8.0.38, 8.5.x to 8.5.6 or 9.0.0.M1 to 9.0.0.M11 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which does not properly handle certain inconsistent HTTP request headers. Successful exploitation allows remote attackers to perform an XSS attack or obtain sensitive information ...

The host is installed with Apache Tomcat 8.5.7 to 8.5.9 or 9.0.0.M11 to 9.0.0.M15 and is prone to an information disclosure vulnerability. A flaw is present in the reverse-proxy configurations, which fails to handle different requests. Successful exploitation allows remote attackers to read data that was intended to be associated with a different request.

The host is installed with Apache Tomcat 6.0 before 6.0.52, 7.x before 7.0.76, 8.x before 8.0.42, 8.5.x before 8.5.12 or 9.x before 9.0.0.M19 and is prone to an unspecified vulnerability. A flaw is present in the Application, which fails to handle pipelined requests. Successful exploitation could result in responses appearing to be sent for the wrong request. For example, a user agent that sent re ...

The host is installed with Apache Tomcat 8.5.x before 8.5.13 or 9.x before 9.0.0.M19 and is prone to an denial of service vulnerability. A flaw is present in the Application, which fails to handle an HTTP/2 GOAWAY frame for a connection did not close streams associated with that connection that were currently waiting for a WINDOW_UPDATE before allowing the application to write more data. Successfu ...

The host is installed with Apache Tomcat 8.5.x before 8.5.13 or 9.x before 9.0.0.M19 and is prone to an denial of service vulnerability. A flaw is present in the Application, which fails to properly handle send file process. Successful exploitation could result in the same Processor being used for multiple requests which in turn could lead to unexpected errors and/or response mix-up.


Pages:      Start    1134    1135    1136    1137    1138    1139    1140    1141    1142    1143    1144    1145    1146    1147    ..   2640

© SecPod Technologies