Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Api Bfla Api Bola Api Broken Auth Api Broken Object Prop Auth Api Dos Api Improper Inventory Management Api Misconfiguration Api Ssrf Arbitrary File Creation Arbitrary File Read Authentication Bypass BOLA Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial Of Service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilities LLM Ldap Injection Llm Excessive Agency Llm Insecure Output Handling Llm Prompt Injection Llm Prompt Leakage Llm Sensitive Information Disclosure Malware Missing Update Privilege Escalation SSRF Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity Apache Tomcat Incorrect Authorization Vulnerability (CVE-2016-6797) CVE-2016-6797 CWE-863 CWE-863 High Apache Tomcat Incorrect Default Permissions Vulnerability (CVE-2020-8022) CVE-2020-8022 CWE-276 CWE-276 High Apache Tomcat Information Disclosure CVE-2017-7674 CVE-2017-12616 CWE-200 CWE-200 High Apache Tomcat insecure default administrative password CVE-2009-3548 CWE-798 CWE-798 High Apache Tomcat Insertion of Sensitive Information into Log File Vulnerability (CVE-2026-34487) CVE-2026-34487 CWE-532 CWE-532 High Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418) CVE-2019-12418 CWE-522 CWE-522 High Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2015-8751) CVE-2015-8751 CWE-190 CWE-190 High Apache Tomcat Integer Overflow or Wraparound Vulnerability (CVE-2025-52520) CVE-2025-52520 CWE-190 CWE-190 High Apache Tomcat JK connector security bypass CVE-2007-1860 CWE-200 CWE-200 High Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1336) CVE-2018-1336 CWE-835 CWE-835 High Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2020-13935) CVE-2020-13935 CWE-835 CWE-835 High Apache Tomcat Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-41079) CVE-2021-41079 CWE-835 CWE-835 High Apache Tomcat Missing Encryption of Sensitive Data Vulnerability (CVE-2026-34486) CVE-2026-34486 CWE-311 CWE-311 High Apache Tomcat Missing Release of Resource after Effective Lifetime Vulnerability (CVE-2021-42340) CVE-2021-42340 CWE-772 CWE-772 High Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709) CVE-2023-28709 CWE-193 CWE-193 High Apache Tomcat Other Vulnerability (CVE-2001-1563) CVE-2001-1563 High Apache Tomcat Other Vulnerability (CVE-2002-0682) CVE-2002-0682 High Apache Tomcat Other Vulnerability (CVE-2002-1394) CVE-2002-1394 High Apache Tomcat Other Vulnerability (CVE-2006-7197) CVE-2006-7197 High Apache Tomcat Other Vulnerability (CVE-2015-5346) CVE-2015-5346 High Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3190) CVE-2011-3190 CWE-264 CWE-264 High Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-0050) CVE-2014-0050 CWE-264 CWE-264 High Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-0714) CVE-2016-0714 CWE-264 CWE-264 High Apache Tomcat Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9775) CVE-2016-9775 CWE-264 CWE-264 High Apache Tomcat Remote Code Execution Vulnerability CVE-2017-12615 CWE-94 CWE-94 High Apache Tomcat Resource Management Errors Vulnerability (CVE-2014-0230) CVE-2014-0230 High Apache Tomcat Session Fixation Vulnerability (CVE-2019-17563) CVE-2019-17563 CWE-384 CWE-384 High Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability (CVE-2022-23181) CVE-2022-23181 CWE-367 CWE-367 High Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2019-0199) CVE-2019-0199 CWE-400 CWE-400 High Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2020-11996) CVE-2020-11996 CWE-400 CWE-400 High Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2024-34750) CVE-2024-34750 CWE-400 CWE-400 High Apache Tomcat Uncontrolled Resource Consumption Vulnerability (CVE-2025-53506) CVE-2025-53506 CWE-400 CWE-400 High Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12615) CVE-2017-12615 CWE-434 CWE-434 High Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617) CVE-2017-12617 CWE-434 CWE-434 High Apache Tomcat Untrusted Search Path Vulnerability (CVE-2025-49124) CVE-2025-49124 CWE-426 CWE-426 High Apache Tomcat Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2026-29129) CVE-2026-29129 CWE-327 CWE-327 High Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511) CVE-2019-9511 CWE-770 CWE-770 High Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9514) CVE-2019-9514 CWE-770 CWE-770 High Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9515) CVE-2019-9515 CWE-770 CWE-770 High Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517) CVE-2019-9517 CWE-770 CWE-770 High Apache Traffic Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9518) CVE-2019-9518 CWE-770 CWE-770 High Apache Traffic Server Always-Incorrect Control Flow Implementation Vulnerability (CVE-2025-58136) CVE-2025-58136 CWE-670 CWE-670 High Apache Traffic Server CVE-2022-47184 Vulnerability (CVE-2022-47184) CVE-2022-47184 High Apache Traffic Server CVE-2022-47185 Vulnerability (CVE-2022-47185) CVE-2022-47185 High Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631) CVE-2023-30631 High Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933) CVE-2023-33933 High Apache Traffic Server CVE-2023-41752 Vulnerability (CVE-2023-41752) CVE-2023-41752 High Apache Traffic Server CVE-2023-44487 Vulnerability (CVE-2023-44487) CVE-2023-44487 High Apache Traffic Server CVE-2024-31309 Vulnerability (CVE-2024-31309) CVE-2024-31309 High Apache Traffic Server CVE-2024-35296 Vulnerability (CVE-2024-35296) CVE-2024-35296 High Apache Traffic Server CVE-2024-38479 Vulnerability (CVE-2024-38479) CVE-2024-38479 High Apache Traffic Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-11783) CVE-2018-11783 CWE-200 CWE-200 High Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 ) CVE-2020-17509 High Apache Traffic Server Improper Access Control Vulnerability (CVE-2025-31698) CVE-2025-31698 CWE-284 CWE-284 High Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161) CVE-2021-38161 CWE-287 CWE-287 High Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-44759) CVE-2021-44759 CWE-287 CWE-287 High Apache Traffic Server Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2022-32749) CVE-2022-32749 CWE-754 CWE-754 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5659) CVE-2017-5659 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-5660) CVE-2017-5660 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2017-7671) CVE-2017-7671 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318) CVE-2018-1318 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-8022) CVE-2018-8022 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2019-10079) CVE-2019-10079 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32566) CVE-2021-32566 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32567) CVE-2021-32567 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37147) CVE-2021-37147 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37148) CVE-2021-37148 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37149) CVE-2021-37149 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-37150) CVE-2021-37150 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-41585) CVE-2021-41585 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-44040) CVE-2021-44040 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-25763) CVE-2022-25763 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-28129) CVE-2022-28129 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31778) CVE-2022-31778 CWE-20 CWE-20 High Apache Traffic Server Improper Input Validation Vulnerability (CVE-2022-31779) CVE-2022-31779 CWE-20 CWE-20 High 1...3456...177 4 / 177