Max CVSS 5.0 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2005-2090 4.3
Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header
15-04-2019 - 16:29 05-07-2005 - 04:00
CVE-2007-0450 5.0
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence
15-04-2019 - 16:29 16-03-2007 - 22:19
CVE-2006-7196 4.3
Cross-site scripting (XSS) vulnerability in the calendar application example in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.15 allows remote attackers to inject arbitrary web script or HTML via
25-03-2019 - 11:29 10-05-2007 - 00:19
CVE-2006-3835 5.0
Apache Tomcat 5 before 5.5.17 allows remote attackers to list directories via a semicolon (;) preceding a filename with a mapped extension, as demonstrated by URLs ending with /;index.jsp and /;help.do.
25-03-2019 - 11:29 25-07-2006 - 13:22
CVE-2007-1858 2.6
The default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, and 5.5.0 through 5.5.17 uses certain insecure ciphers, including the anonymous cipher, which allows remote attackers to obtain sensitive information o
25-03-2019 - 11:29 10-05-2007 - 00:19
CVE-2007-1358 2.6
Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web script or HTML via crafted "Accept-Language headers that do not conform
25-03-2019 - 11:29 10-05-2007 - 00:19
CVE-2006-7195 4.3
Cross-site scripting (XSS) vulnerability in implicit-objects.jsp in Apache Tomcat 5.0.0 through 5.0.30 and 5.5.0 through 5.5.17 allows remote attackers to inject arbitrary web script or HTML via certain header values.
16-10-2018 - 16:29 10-05-2007 - 00:19
Back to Top Mark selected
Back to Top