Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / Apache Software Foundation

Apache Software Foundation

347 tracked vulnerabilities.

CVE-2017-9793 HIGH

Apache Struts 2.1.x 2.3.7-2.3.33 2.5-2.5.12 - Denial of Service via Malicious XML Payload

CVE-2017-12611 CRITICAL NUCLEI

Apache Struts 2.0.0-2.3.33 and 2.5-2.5.10.1 - Remote Code Execution via Freemarker Tag Expression

CVE-2017-12616 HIGH

Apache Tomcat 7.0.0-7.0.80 - Exposure of Sensitive Information via VirtualDirContext

CVE-2017-12615 HIGH KEVNUCLEI

Apache Tomcat 7.0.0-7.0.79 - Unauthenticated Remote Code Execution via JSP Upload

CVE-2017-9803 HIGH

Apache Solr 6.2.0-6.6.0 - Privilege Escalation via Kerberos Delegation Token Configuration

CVE-2017-9798 HIGH

Apache httpd <2.4.28 - Use After Free

CVE-2017-9805 HIGH KEVNUCLEI

Apache Struts 2 REST Plugin XStream RCE

CVE-2017-3165 MEDIUM

Apache Brooklyn < 0.10.0 - Authenticated Stored Cross-Site Scripting

CVE-2017-3163 HIGH

Apache Solr < 5.5.4 and 6.0.0-6.4.0 - Path Traversal via Index Replication File Name

CVE-2017-3155 MEDIUM

Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting

CVE-2017-3154 HIGH

Apache Atlas 0.6.0-incubating 0.7.0-incubating - Exposure of Sensitive Information via Error Stack Trace

CVE-2017-3153 MEDIUM

Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Reflected Cross-Site Scripting in Search Functionality

CVE-2017-3152 MEDIUM

Apache Atlas 0.6.0-incubating and 0.7.0-incubating - DOM-Based Cross-Site Scripting in Edit-Tag Functionality

CVE-2017-3151 MEDIUM

Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Stored Cross-Site Scripting in Edit-Tag Functionality

CVE-2017-3150 MEDIUM

Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting via Cookie Access

CVE-2017-9800 CRITICAL

Subversion <1.8.19, 1.9.x <1.9.7, 1.10.0.x <=1.10.0-alpha3 - RCE

CVE-2017-7675 HIGH

Apache Tomcat <9.0.0.M22, <8.5.16 - Path Traversal

CVE-2017-7674 MEDIUM

Apache Tomcat <9.0.0.M21,8.5.15,8.0.44,7.0.78 - Info Disclosure

CVE-2017-3156 HIGH

Apache CXF <3.0.13, <3.1.10 - Timing Attack

CVE-2017-9799 HIGH

Apache Storm <1.0.4-1.1.1 - Privilege Escalation

CVE-2017-9801 HIGH

Apache Commons Email <1.5 - Info Disclosure

CVE-2017-7659 HIGH

Apache HTTP Server <2.4.24-2.4.25 - Use After Free

CVE-2017-7688 HIGH

Apache OpenMeetings 1.0.0 - Info Disclosure

CVE-2017-7685 MEDIUM

Apache OpenMeetings 1.0.0 - Info Disclosure

CVE-2017-7684 HIGH

Apache OpenMeetings 1.0.0 - Denial of Service via Large File Upload

Previous Page 10 of 14 Next

Products

Apache Tomcat 42 Apache HTTP Server 23 Apache OFBiz 20 Apache Airflow 19 Apache OpenMeetings 15 Apache Camel 11 Apache Struts 11 Apache Thrift 11 Apache CXF 9 Apache ActiveMQ 8 Apache Atlas 8 Apache NiFi 8 Apache CloudStack 7 Apache ActiveMQ All 6 Apache Hadoop 6 Apache OpenOffice 6 Apache Wicket 6 Apache ActiveMQ Broker 5 Apache Ranger 5 Apache Ambari 4 Apache Log4j Core 4 Apache MINA 4 Apache OpenNLP 4 Apache Polaris 4 Apache Traffic Server 4 Apache APISIX 3 Apache Brooklyn 3 Apache CXF Fediz 3 Apache Cassandra 3 Apache DolphinScheduler 3

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy