| Vulnerability Name |
CVE
CWE
|
CWE |
Severity |
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2729)
|
CVE-2011-2729
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3190)
|
CVE-2011-3190
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3376)
|
CVE-2011-3376
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-5062)
|
CVE-2011-5062
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3546)
|
CVE-2012-3546
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4431)
|
CVE-2012-4431
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-5885)
|
CVE-2012-5885
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0346)
|
CVE-2013-0346
CWE-264
|
CWE-264
|
Low
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050)
|
CVE-2014-0050
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0096)
|
CVE-2014-0096
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0119)
|
CVE-2014-0119
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0714)
|
CVE-2016-0714
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0762)
|
CVE-2016-0762
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0763)
|
CVE-2016-0763
CWE-264
|
CWE-264
|
Medium
|
|
Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775)
|
CVE-2016-9775
CWE-264
|
CWE-264
|
High
|
|
Apache Tomcat Remote Code Execution Vulnerability
|
CVE-2017-12615
CWE-94
|
CWE-94
|
High
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-0534)
|
CVE-2011-0534
|
|
Medium
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2011-4858)
|
CVE-2011-4858
|
|
Medium
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2012-4534)
|
CVE-2012-4534
|
|
Low
|
|
Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230)
|
CVE-2014-0230
|
|
High
|
|
Apache Tomcat sample files
|
CWE-538
|
CWE-538
|
Medium
|
|
Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563)
|
CVE-2019-17563
CWE-384
|
CWE-384
|
High
|
|
Apache Tomcat Session Fixation Vulnerability (CVE-2025-55668)
|
CVE-2025-55668
CWE-384
|
CWE-384
|
Medium
|
|
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181)
|
CVE-2022-23181
CWE-367
|
CWE-367
|
High
|
|
Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2024-50379)
|
CVE-2024-50379
CWE-367
|
CWE-367
|
Critical
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199)
|
CVE-2019-0199
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996)
|
CVE-2020-11996
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-34750)
|
CVE-2024-34750
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-54677)
|
CVE-2024-54677
CWE-400
|
CWE-400
|
Medium
|
|
Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506)
|
CVE-2025-53506
CWE-400
|
CWE-400
|
High
|
|
Apache Tomcat Unprotected Transport of Credentials Vulnerability (CVE-2023-28708)
|
CVE-2023-28708
CWE-523
|
CWE-523
|
Medium
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615)
|
CVE-2017-12615
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)
|
CVE-2017-12617
CWE-434
|
CWE-434
|
High
|
|
Apache Tomcat Untrusted Search Path Vulnerability (CVE-2025-49124)
|
CVE-2025-49124
CWE-426
|
CWE-426
|
High
|
|
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)
|
CVE-2018-11784
CWE-601
|
CWE-601
|
Medium
|
|
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)
|
CVE-2023-41080
CWE-601
|
CWE-601
|
Medium
|
|
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-25854)
|
CVE-2026-25854
CWE-601
|
CWE-601
|
Medium
|
|
Apache Tomcat Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2026-29129)
|
CVE-2026-29129
CWE-327
|
CWE-327
|
High
|
|
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2021-24122)
|
CVE-2021-24122
CWE-706
|
CWE-706
|
Medium
|
|
Apache Tomcat Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2025-24813)
|
CVE-2025-24813
CWE-706
|
CWE-706
|
Critical
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
|
CVE-2019-9511
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514)
|
CVE-2019-9514
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515)
|
CVE-2019-9515
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9516)
|
CVE-2019-9516
CWE-770
|
CWE-770
|
Medium
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)
|
CVE-2019-9517
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518)
|
CVE-2019-9518
CWE-770
|
CWE-770
|
High
|
|
Apache Traffic Server Always-Incorrect Control Flow Implementation Vulnerability (CVE-2025-58136)
|
CVE-2025-58136
CWE-670
|
CWE-670
|
High
|
|
Apache Traffic Server Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Vulnerability (CVE-2021-43082)
|
CVE-2021-43082
CWE-120
|
CWE-120
|
Critical
|
|
Apache Traffic Server CVE-2014-3525 Vulnerability (CVE-2014-3525)
|
CVE-2014-3525
|
|
Critical
|
|
Apache Traffic Server CVE-2015-5168 Vulnerability (CVE-2015-5168)
|
CVE-2015-5168
|
|
Critical
|
|
Apache Traffic Server CVE-2015-5206 Vulnerability (CVE-2015-5206)
|
CVE-2015-5206
|
|
Critical
|
|
Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184)
|
CVE-2022-47184
|
|
High
|
|
Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185)
|
CVE-2022-47185
|
|
High
|
|
Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631)
|
CVE-2023-30631
|
|
High
|
|
Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)
|
CVE-2023-33933
|
|
High
|
|
Apache Traffic Server CVE-2023-41752 Vulnerability (CVE-2023-41752)
|
CVE-2023-41752
|
|
High
|
|
Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487)
|
CVE-2023-44487
|
|
High
|
|
Apache Traffic Server CVE-2024-31309 Vulnerability (CVE-2024-31309)
|
CVE-2024-31309
|
|
High
|
|
Apache Traffic Server CVE-2024-35296 Vulnerability (CVE-2024-35296)
|
CVE-2024-35296
|
|
High
|
|
Apache Traffic Server CVE-2024-38311 Vulnerability (CVE-2024-38311)
|
CVE-2024-38311
|
|
Medium
|
|
Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479)
|
CVE-2024-38479
|
|
High
|
|
Apache Traffic Server CVE-2024-56195 Vulnerability (CVE-2024-56195)
|
CVE-2024-56195
|
|
Medium
|
|
Apache Traffic Server CVE-2024-56196 Vulnerability (CVE-2024-56196)
|
CVE-2024-56196
|
|
Medium
|
|
Apache Traffic Server CVE-2024-56202 Vulnerability (CVE-2024-56202)
|
CVE-2024-56202
|
|
Medium
|
|
Apache Traffic Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2018-8040)
|
CVE-2018-8040
CWE-668
|
CWE-668
|
Medium
|
|
Apache Traffic Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11783)
|
CVE-2018-11783
CWE-200
|
CWE-200
|
High
|
|
Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )
|
CVE-2020-17509
|
|
High
|
|
Apache Traffic Server Improper Access Control Vulnerability (CVE-2014-3624)
|
CVE-2014-3624
CWE-284
|
CWE-284
|
Critical
|
|
Apache Traffic Server Improper Access Control Vulnerability (CVE-2025-31698)
|
CVE-2025-31698
CWE-284
|
CWE-284
|
High
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)
|
CVE-2021-38161
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759)
|
CVE-2021-44759
CWE-287
|
CWE-287
|
High
|
|
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749)
|
CVE-2022-32749
CWE-754
|
CWE-754
|
High
|
|
Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-37392)
|
CVE-2022-37392
CWE-754
|
CWE-754
|
Medium
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2010-2952)
|
CVE-2010-2952
CWE-20
|
CWE-20
|
Medium
|
|
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659)
|
CVE-2017-5659
CWE-20
|
CWE-20
|
High
|
