Skip to main content
CVE-2014-0075 MEDIUM PATCH This Month

Integer overflow in the parseChunkHeader function in java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 allows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 46.7%.

Tomcat Denial Of Service Java Apache
NVD
CVSS 2.0
5.0
EPSS
46.7%
CVE-2014-0099 MEDIUM PATCH This Month

Integer overflow in java/org/apache/tomcat/util/buf/Ascii.java in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4, when operated behind a reverse proxy, allows remote attackers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 37.9%.

Tomcat Buffer Overflow Java Apache
NVD
CVSS 2.0
4.3
EPSS
37.9%
CVE-2014-0095 MEDIUM PATCH This Month

java/org/apache/coyote/ajp/AbstractAjpProcessor.java in Apache Tomcat 8.x before 8.0.4 allows remote attackers to cause a denial of service (thread consumption) by using a "Content-Length: 0" AJP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Tomcat Denial Of Service Java Apache
NVD
CVSS 2.0
5.0
EPSS
9.7%
CVE-2014-3793 MEDIUM This Month

VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows. Rated medium severity (CVSS 5.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service VMware Microsoft Fusion Player +2
NVD
CVSS 2.0
5.8
EPSS
0.2%
CVE-2014-0096 MEDIUM PATCH This Month

java/org/apache/catalina/servlets/DefaultServlet.java in the default servlet in Apache Tomcat before 6.0.40, 7.x before 7.0.53, and 8.x before 8.0.4 does not properly restrict XSLT stylesheets, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Tomcat XXE Java Privilege Escalation Apache
NVD
CVSS 2.0
4.3
EPSS
5.8%
CVE-2014-0119 MEDIUM PATCH This Month

Apache Tomcat before 6.0.40, 7.x before 7.0.54, and 8.x before 8.0.6 does not properly constrain the class loader that accesses the XML parser used with an XSLT stylesheet, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Tomcat XXE Privilege Escalation Apache
NVD
CVSS 2.0
4.3
EPSS
4.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy