CVE-2009-3555 critical 9.8
10.0
17y ago
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9…
debian ubuntu fedora java +2
CVE-2026-43512 critical 9.8
9.8
16d ago
Apache Tomcat - Digest authenticator will authenticate any unknown user
suse debian java apache
CVE-2026-41293 critical 9.8
9.8
16d ago
Apache Tomcat - HTTP/2 request headers not validated
suse debian java apache
CVE-2025-55754 critical 9.6
9.6
9d ago
Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
redhat suse debian java +1
CVE-2026-29145 critical —
9.5
2mo ago
Apache Tomcat: CLIENT_CERT authentication does not fail as expected
suse debian java
CVE-2026-43515 critical 9.1
9.1
16d ago
Apache Tomcat - Security constraints not correctly applied
suse debian java apache
CVE-2026-43514 low 3.7
3.7
16d ago
Apache Tomcat - AJP secret compared in non-constant time
suse debian java apache
CVE-2013-2071 low —
2.6
13y ago
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
java apache
CVE-2010-1157 low —
2.6
16y ago
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
java apache
CVE-2024-54677 low —
2.5
2y ago
Apache Tomcat Uncontrolled Resource Consumption vulnerability
suse debian java
CVE-2011-2204 low —
1.9
15y ago
Insertion of Sensitive Information into Log File in Apache Tomcat
java apache
CVE-2010-3718 low —
1.2
16y ago
Improper Limitation of a Pathname to a Restricted Directory in Apache Tomcat
java apache
CVE-2012-5887 unknown —
—
4y ago
Improper Authentication in Apache Tomcat
java