Browse Security Advisories
Moderate Security Advisories for https://github.com/apache/tomcat from github Clear Filters
Moderate
10 months ago
Apache Tomcat Session Fixation vulnerability
maven
org.apache.tomcat:tomcat-catalina
Moderate
12 months ago
Apache Tomcat Utilities is vulnerable to resource exhaustion when using the APR/Native connector
maven
org.apache.tomcat:tomcat-util
Moderate
about 1 year ago
Apache Tomcat - Security constraint bypass for pre/post-resources
maven
org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-catalina
Moderate
about 1 year ago
Apache Tomcat installer for Windows has an untrusted search path vulnerability
maven
org.apache.tomcat:tomcat-catalina, org.apache.tomcat:tomcat, org.apache.tomcat.embed:tomcat-embed-core
Moderate
about 1 year ago
Apache Tomcat Denial of Service via invalid HTTP priority header
maven
org.apache.tomcat:tomcat-coyote
Moderate
over 1 year ago
Apache Tomcat - XSS in generated JSPs
maven
org.apache.tomcat:tomcat-jasper
Moderate
over 1 year ago
Apache Tomcat Request and/or response mix-up
maven
org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 2 years ago
Denial of Service via incomplete cleanup vulnerability in Apache Tomcat
maven
org.apache.tomcat.embed:tomcat-embed-websocket, org.apache.tomcat:tomcat-websocket
Moderate
over 2 years ago
Apache Tomcat Denial of Service due to improper input validation vulnerability for HTTP/2 requests
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 2 years ago
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information
maven
org.apache.tomcat.experimental:tomcat-embed-programmatic, org.apache.tomcat:tomcat-coyote, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 2 years ago
Apache Tomcat Improper Input Validation vulnerability
maven
org.apache.tomcat:tomcat-coyote
Moderate
over 2 years ago
Apache Tomcat Incomplete Cleanup vulnerability
maven
org.apache.tomcat:tomcat-util, org.apache.tomcat:tomcat-catalina, org.apache.tomcat:tomcat
Moderate
almost 3 years ago
Apache Tomcat Open Redirect vulnerability
maven
org.apache.tomcat:tomcat-catalina
Moderate
over 3 years ago
Apache Tomcat vulnerable to Unprotected Transport of Credentials
maven
org.apache.tomcat:tomcat-catalina
Moderate
about 4 years ago
Apache Tomcat Exposes IP Addresses and HTTP Headers of Requests
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat Allows Replacing of XML Parser
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat does not follow ServletSecurity annotations
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat HTTP BIO Connector Error Discloses Information From Different Requests to Remote Users
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Denial of service in Apache Tomcat
maven
org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat-coyote
Moderate
about 4 years ago
Apache Tomcat allows remote attackers to bypass intended access restrictions
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Access restriction bypass in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat affected by infinite loop in Double.parseDouble method in Java Runtime Environment
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Verification of Source of a Communication Channel in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Insertion of Sensitive Information into Log File in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Input Validation in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat does not properly handle an invalid Transfer-Encoding header
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat is vulnerable to HTTP request-smuggling
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat Denial of Service vulnerability
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Integer Overflow or Wraparound in Apache Tomcat
maven
org.apache.tomcat:tomcat-coyote
Moderate
about 4 years ago
Improper Input Validation in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Input Validation in Apache Tomcat
maven
org.apache.tomcat:tomcat-catalina
Moderate
about 4 years ago
Missing XML Validation in Apache Tomcat
maven
org.apache.tomcat:tomcat-jasper, org.apache.tomcat:tomcat-catalina
Moderate
about 4 years ago
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat
maven
org.apache.tomcat:tomcat-util
Moderate
about 4 years ago
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Insufficient Verification of Data Authenticity in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
System Property Disclosure in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Neutralization of Input During Web Page Generation in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Apache Tomcat
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat Directory Traversal vulnerability
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat Directory Traversal vulnerability
maven
org.apache.tomcat:tomcat
Moderate
about 4 years ago
Apache Tomcat Cross-site scripting (XSS) vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core, org.apache.tomcat:tomcat
Moderate
over 4 years ago
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
maven
org.apache.tomcat:tomcat-coyote
Moderate
about 5 years ago
Information Disclosure in Apache Tomcat
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
about 7 years ago
Cross-site scripting in Apache Tomcat
maven
org.apache.tomcat:tomcat, org.apache.tomcat:tomcat-catalina, org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 7 years ago
Apache Tomcat Race Condition vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 7 years ago
Apache Tomcat information exposure vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 7 years ago
Apache Tomcat unauthorized access vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Moderate
over 7 years ago
Apache Tomcat Open Redirect vulnerability
maven
org.apache.tomcat.embed:tomcat-embed-core
Filter by Severity
Filter by Source
Filter by Ecosystem
maven
3,616
packagist
3,610
pypi
2,610
npm
2,359
go
2,082
nuget
1,787
cargo
564
rubygems
469
hex
25
swift
21
actions
16
pub
2
Filter by Package
moodle/moodle
318
openclaw
285
tensorflow
200
tensorflow-cpu
190
tensorflow-gpu
186
magento/community-edition
176
org.jenkins-ci.main:jenkins-core
152
github.com/mattermost/mattermost/server/v8
128
typo3/cms
126
com.liferay.portal:release.portal.bom
114
github.com/mattermost/mattermost-server
111
org.apache.tomcat:tomcat
93
pimcore/pimcore
91
com.liferay.portal:release.dxp.bom
80
typo3/cms-core
79
Magick.NET-Q16-AnyCPU
77
Magick.NET-Q16-HDRI-AnyCPU
76
magento/project-community-edition
75
Magick.NET-Q16-HDRI-OpenMP-arm64
73
Magick.NET-Q16-HDRI-x86
73
wwbn/avideo
73
Magick.NET-Q16-HDRI-x64
72
microweber/microweber
72
Magick.NET-Q16-HDRI-arm64
71
Magick.NET-Q16-OpenMP-arm64
71
Magick.NET-Q16-x86
71
Magick.NET-Q16-OpenMP-x64
71
Magick.NET-Q16-arm64
71
Magick.NET-Q8-AnyCPU
69
silverstripe/framework
67
Magick.NET-Q16-x64
67
Magick.NET-Q8-OpenMP-arm64
65
Magick.NET-Q8-x86
65
Magick.NET-Q8-arm64
64
thorsten/phpmyfaq
64
Magick.NET-Q8-OpenMP-x64
62
Magick.NET-Q8-x64
61
apache-airflow
60
phpmyadmin/phpmyadmin
56
dolibarr/dolibarr
56
drupal/core
55
Magick.NET-Q16-HDRI-OpenMP-x64
54
github.com/usememos/memos
54
craftcms/cms
54
concrete5/concrete5
53
librenms/librenms
53
Django
48
apache-superset
47
symfony/symfony
47
mantisbt/mantisbt
46
n8n
44
open-webui
44
Magick.NET-Q16-OpenMP-x86
43
drupal/drupal
42
actionpack
42
org.keycloak:keycloak-services
40
nocodb
40
parse-server
40
snipe/snipe-it
39
picklescan
37
github.com/grafana/grafana
36
org.elasticsearch:elasticsearch
35
showdoc/showdoc
35
Plone
35
shopware/platform
34
directus
34
admidio/admidio
32
org.keycloak:keycloak-core
32
github.com/mattermost/mattermost-server/v6
31
hono
30
getgrav/grav
30
nova
30
baserproject/basercms
29
pypdf
29
shopware/core
29
getkirby/cms
28
intelliants/subrion
28
moin
27
ansible
27
mautic/core
27
rack
26
gogs.io/gogs
26
k8s.io/kubernetes
26
vllm
25
coreutils
25
aiohttp
24
phpmyfaq/phpmyfaq
23
next
23
froxlor/froxlor
22
github.com/hashicorp/vault
22
grumpydictator/firefly-iii
22
github.com/cilium/cilium
22
wasmtime
21
github.com/openfga/openfga
21
DotNetNuke.Core
21
gradio
21
code.gitea.io/gitea
21
github.com/traefik/traefik/v3
21
nilsteampassnet/teampass
21
flowise
21
code.vikunja.io/api
21
github.com/answerdev/answer
21
github.com/traefik/traefik/v2
21
matrix-synapse
21
mediawiki/core
20
shopware/shopware
20
electron
19
org.apache.struts:struts2-core
19
remdex/livehelperchat
18
dompurify
18
plone
18
pyload-ng
18
org.apache.tomcat.embed:tomcat-embed-core
17
salt
17
github.com/fleetdm/fleet/v4
17
org.opencms:opencms-core
17
prestashop/prestashop
17
github.com/argoproj/argo-cd/v2
17
github.com/docker/docker
17
github.com/hashicorp/consul
17
zendframework/zendframework1
16
github.com/hashicorp/nomad
16
rdiffweb
16
nokogiri
16
contao/core-bundle
16
io.undertow:undertow-core
16
typo3/cms-backend
16
statamic/cms
16
glance
15
surrealdb
15
vyper
15
django
15
com.liferay.portal:com.liferay.portal.impl
15
yetiforce/yetiforce-crm
15
org.springframework.security:spring-security-core
15
org.xwiki.platform:xwiki-platform-oldcore
15
github.com/siyuan-note/siyuan/kernel
15
org.apache.jspwiki:jspwiki-main
15
activesupport
14
feehi/feehicms
14
weblate
14
feehi/cms
14
tinymce
14
wagtail
14
deno
14
github.com/goharbor/harbor
14
axios
14
sylius/sylius
14
puppet
14
svelte
13
com.jfinal:jfinal
13
org.bouncycastle:bcprov-jdk15on
13
Umbraco.Cms
13
ghost
13
helm.sh/helm/v3
13
vite
13
github.com/containerd/containerd
13
com.thoughtworks.xstream:xstream
13
transformers
13
github.com/ethereum/go-ethereum
13
craftcms/commerce
13
tribalsystems/zenario
13
forkcms/forkcms
13
github.com/zitadel/zitadel
13
keystone
13
wallabag/wallabag
12
roundup
12
github.com/openbao/openbao
12
contao/contao
12
simplesamlphp/simplesamlphp
12
github.com/filebrowser/filebrowser/v2
12
@openzeppelin/contracts
12
github.com/rancher/rancher
12
undici
12
lavalite/cms
12
ec-cube/ec-cube
12
facturascripts/facturascripts
12
OctoPrint
12
@openzeppelin/contracts-upgradeable
12
laravel/framework
11
github.com/traefik/traefik
11
io.netty:netty-codec-http
11
ckan
11
org.apache.tomcat:tomcat-catalina
11
astro
11
renovate
11
org.keycloak:keycloak-parent
11
mlflow
11
kubevirt.io/kubevirt
11
org.eclipse.jetty:jetty-server
11
genix/cms
11
github.com/argoproj/argo-cd
11
nicegui
11
ci4-cms-erp/ci4ms
11
phpoffice/phpspreadsheet
11
horizon
11
org.springframework:spring-core
10
github.com/greenpau/caddy-security
10
github.com/go-gitea/gitea
10
org.apache.jspwiki:jspwiki-war
10
Filter by Repository
https://github.com/tensorflow/tensorflow
200
https://github.com/moodle/moodle
192
https://github.com/liferay/liferay-portal
143
https://github.com/jenkinsci/jenkins
109
https://github.com/pimcore/pimcore
85
https://github.com/microweber/microweber
63
https://github.com/TYPO3/typo3
63
https://github.com/apache/tomcat
59
https://github.com/django/django
50
https://github.com/usememos/memos
50
https://github.com/xwiki/xwiki-platform
50
https://github.com/silverstripe/silverstripe-framework
50
https://github.com/rails/rails
46
https://github.com/thorsten/phpmyfaq
45
https://github.com/keycloak/keycloak
45
https://github.com/apache/airflow
44
https://github.com/librenms/librenms
42
https://github.com/kubernetes/kubernetes
40
https://github.com/mattermost/mattermost
36
https://github.com/mantisbt/mantisbt
35
https://github.com/mmaitre314/picklescan
34
https://github.com/star7th/showdoc
32
https://github.com/concretecms/concretecms
28
https://github.com/mautic/mautic
27
https://github.com/grafana/grafana
27
https://github.com/symfony/symfony
27
https://github.com/phpmyadmin/phpmyadmin
26
https://github.com/ansible/ansible
26
https://github.com/spring-projects/spring-framework
26
https://github.com/craftcms/cms
26
https://github.com/argoproj/argo-cd
24
https://github.com/directus/directus
24
https://github.com/shopware/shopware
24
https://github.com/umbraco/Umbraco-CMS
23
https://github.com/Dolibarr/dolibarr
22
https://github.com/answerdev/answer
21
https://github.com/plone/Products.CMFPlone
20
https://github.com/firefly-iii/firefly-iii
20
https://github.com/apache/activemq
20
https://github.com/magento/magento2
20
https://github.com/snipe/snipe-it
20
https://github.com/cilium/cilium
19
https://github.com/contao/contao
18
https://github.com/openstack/nova
18
https://github.com/livehelperchat/livehelperchat
18
https://github.com/apache/struts
17
https://github.com/ikus060/rdiffweb
16
https://github.com/matrix-org/synapse
16
https://github.com/gradio-app/gradio
16
https://github.com/shopware/platform
16
https://github.com/CVEProject/cvelist
15
https://github.com/apache/cxf
15
https://github.com/vyperlang/vyper
15
https://github.com/netty/netty
15
https://github.com/getkirby/kirby
15
https://github.com/yetiforcecompany/yetiforcecrm
14
https://github.com/PaddlePaddle/Paddle
14
https://github.com/TYPO3/TYPO3.CMS
14
https://github.com/moby/moby
14
https://github.com/OpenNMS/opennms
14
https://github.com/saltstack/salt
14
https://github.com/tinymce/tinymce
14
https://github.com/baserproject/basercms
14
https://github.com/froxlor/froxlor
14
https://github.com/x-stream/xstream
14
https://github.com/geoserver/geoserver
14
https://github.com/goharbor/harbor
13
https://github.com/rack/rack
13
https://github.com/PrestaShop/PrestaShop
13
https://github.com/openfga/openfga
13
https://github.com/apache/nifi
13
https://github.com/strapi/strapi
13
https://github.com/containerd/containerd
13
https://github.com/bcgit/bc-java
13
https://github.com/octobercms/october
13
https://github.com/go-gitea/gitea
13
https://github.com/nilsteampassnet/TeamPass
13
https://github.com/hashicorp/consul
12
https://github.com/OpenZeppelin/openzeppelin-contracts
12
https://github.com/TYPO3-CMS/core
12
https://github.com/traefik/traefik
12
https://github.com/openstack/keystone
12
https://github.com/huggingface/transformers
12
https://github.com/helm/helm
12
https://github.com/dnnsoftware/Dnn.Platform
11
https://github.com/rancher/rancher
11
https://github.com/github/advisory-database
11
https://github.com/surrealdb/surrealdb
11
https://github.com/vitejs/vite
11
https://github.com/vaadin/platform
11
https://github.com/electron/electron
11
https://github.com/forkcms/forkcms
11
https://github.com/apache/zeppelin
11
https://github.com/ethereum/go-ethereum
11
https://github.com/laravel/framework
11
https://github.com/ckeditor/ckeditor4
11
https://github.com/intelliants/subrion
11
https://github.com/backstage/backstage
10
https://github.com/liufee/cms
10
https://github.com/aio-libs/aiohttp
10
https://github.com/wallabag/wallabag
10
https://github.com/laurent22/joplin
10
https://github.com/simplesamlphp/simplesamlphp
10
https://github.com/TryGhost/Ghost
10
https://github.com/decidim/decidim
10
https://github.com/vercel/next.js
10
https://github.com/greenpau/caddy-security
10
https://github.com/PHPOffice/PhpSpreadsheet
10
https://github.com/bytecodealliance/wasmtime
10
https://github.com/vllm-project/vllm
10
https://github.com/jquery/jquery
9
https://github.com/alkacon/opencms-core
9
https://github.com/pimcore/admin-ui-classic-bundle
9
https://github.com/opencast/opencast
9
https://github.com/sparklemotion/nokogiri
9
https://github.com/fatfreecrm/fat_free_crm
9
https://github.com/dotnet/runtime
9
https://github.com/dpgaspar/Flask-AppBuilder
9
https://github.com/OctoPrint/OctoPrint
9
https://github.com/thorsten/phpMyFAQ
9
https://github.com/publify/publify
9
https://github.com/jenkinsci/git-plugin
9
https://github.com/puppetlabs/puppet
9
https://github.com/urllib3/urllib3
9
https://github.com/pyload/pyload
8
https://github.com/gogs/gogs
8
https://github.com/modoboa/modoboa
8
https://github.com/kubeedge/kubeedge
8
https://github.com/onionshare/onionshare
8
https://github.com/parse-community/parse-server
8
https://github.com/hashicorp/nomad
8
https://github.com/openbao/openbao
8
https://github.com/openstack/glance
8
https://github.com/opensearch-project/security
8
https://github.com/FlowiseAI/Flowise
8
https://github.com/pandao/editor.md
8
https://github.com/LavaLite/cms
8
https://github.com/apache/superset
8
https://github.com/getgrav/grav
8
https://github.com/eclipse/jetty.project
8
https://github.com/zendframework/zendframework
8
https://github.com/sulu/sulu
8
https://github.com/swagger-api/swagger-ui
8
https://github.com/rails/rails-html-sanitizer
8
https://github.com/ckan/ckan
8
https://github.com/dolibarr/dolibarr
8
https://github.com/rubygems/rubygems
8
https://github.com/nilsteampassnet/teampass
8
https://github.com/python-pillow/Pillow
7
https://github.com/dragonflyoss/dragonfly
7
https://github.com/kevinpapst/kimai2
7
https://github.com/opencv/opencv
7
https://github.com/nocodb/nocodb
7
https://github.com/n8n-io/n8n
7
https://github.com/jupyter/notebook
7
https://github.com/openstack/horizon
7
https://github.com/twbs/bootstrap
7
https://github.com/opencontainers/runc
7
https://github.com/StarCitizenTools/mediawiki-skins-Citizen
7
https://github.com/louislam/uptime-kuma
7
https://github.com/Sylius/Sylius
7
https://github.com/kubevirt/kubevirt
7
https://github.com/scrapy/scrapy
7
https://github.com/chakra-core/ChakraCore
7
https://github.com/treeverse/lakeFS
7
https://github.com/zitadel/zitadel
7
https://github.com/vaadin/flow
7
https://github.com/denoland/deno
7
https://github.com/matrix-org/matrix-rust-sdk
7
https://github.com/modxcms/revolution
7
https://github.com/nahsra/antisamy
7
https://github.com/vega/vega
7
https://github.com/containers/podman
7
https://github.com/Leantime/leantime
7
https://github.com/igniterealtime/Openfire
7
https://github.com/google/fscrypt
7
https://github.com/undertow-io/undertow
7
https://github.com/py-pdf/pypdf
7
https://github.com/jenkinsci/blueocean-plugin
7
https://github.com/MobSF/Mobile-Security-Framework-MobSF
7
https://github.com/jeecgboot/jeecg-boot
7
https://github.com/OPCFoundation/UA-.NETStandard
7
https://github.com/bagisto/bagisto
7
https://github.com/zenml-io/zenml
7
https://github.com/hashicorp/vault
7
https://github.com/croogo/croogo
7
https://github.com/janeczku/calibre-web
7
https://github.com/wagtail/wagtail
6
https://github.com/d4wner/Vulnerabilities-Report
6
https://github.com/roundup-tracker/roundup
6
https://github.com/jenkinsci/config-file-provider-plugin
6
https://github.com/cri-o/cri-o
6
https://github.com/run-llama/llama_index
6
https://github.com/panva/jose
6
https://github.com/matrix-org/matrix-js-sdk
6
https://github.com/drupal/core
6
https://github.com/owen2345/camaleon-cms
6
https://github.com/psf/requests
6
https://github.com/withastro/astro
6