Apache Software Foundation
560 tracked vulnerabilities.
CVE-2017-3152
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - DOM-Based Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3151
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Stored Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3150
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting via Cookie Access
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-9800
CRITICAL
Subversion <1.8.19, 1.9.x <1.9.7, 1.10.0.x <=1.10.0-alpha3 - RCE
Aug 11, 2017
CVSS 9.8
EPSS 0.19
CVE-2017-7675
HIGH
Apache Tomcat <9.0.0.M22, <8.5.16 - Path Traversal
Aug 11, 2017
CVSS 7.5
EPSS 0.10
CVE-2017-7674
MEDIUM
Apache Tomcat <9.0.0.M21,8.5.15,8.0.44,7.0.78 - Info Disclosure
Aug 11, 2017
CVSS 4.3
EPSS 0.08
CVE-2017-3156
HIGH
Apache CXF <3.0.13, <3.1.10 - Timing Attack
Aug 10, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-9799
HIGH
Apache Storm <1.0.4-1.1.1 - Privilege Escalation
Aug 09, 2017
CVSS 8.8
EPSS 0.05
CVE-2017-9801
HIGH
Apache Commons Email <1.5 - Info Disclosure
Aug 07, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-7659
HIGH
Apache HTTP Server <2.4.24-2.4.25 - Use After Free
Jul 26, 2017
CVSS 7.5
EPSS 0.54
CVE-2017-7688
HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7685
MEDIUM
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-7684
HIGH
Apache OpenMeetings 1.0.0 - Denial of Service via Large File Upload
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7683
HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-7682
HIGH
Apache OpenMeetings 3.2.0 - Info Disclosure
Jul 17, 2017
CVSS 8.2
EPSS 0.02
CVE-2017-7681
HIGH
Apache OpenMeetings 1.0.0 - SQL Injection
Jul 17, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-7680
HIGH
Apache OpenMeetings 1.0.0 - Overly Permissive crossdomain.xml
Jul 17, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-7673
CRITICAL
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 9.8
EPSS 0.02
CVE-2017-7666
HIGH
Apache OpenMeetings 1.0.0 - Cross-Site Request Forgery
Jul 17, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-7664
CRITICAL
Apache OpenMeetings 3.1.0 - Info Disclosure
Jul 17, 2017
CVSS 10.0
EPSS 0.02
CVE-2017-7663
MEDIUM
Apache OpenMeetings 3.2.0 - Stored Cross-Site Scripting in Global and Room Chat
Jul 17, 2017
CVSS 6.1
EPSS 0.03
CVE-2017-9789
HIGH
Apache httpd 2.4.26 - Memory Corruption
Jul 13, 2017
CVSS 7.5
EPSS 0.10
CVE-2017-9788
CRITICAL
Apache httpd <2.2.34 & 2.4.x <2.4.27 - Info Disclosure
Jul 13, 2017
CVSS 9.1
EPSS 0.57
CVE-2017-9787
HIGH
Apache Struts - Denial of Service via Spring AOP Functionality
Jul 13, 2017
CVSS 7.5
EPSS 0.10
CVE-2017-7672
MEDIUM
Apache Struts 2.5.0-2.5.10.1 - Denial of Service via URLValidator
Jul 13, 2017
CVSS 5.9
EPSS 0.09
Products
Apache Tomcat 52
Apache Airflow 42
Apache HTTP Server 36
Apache Camel 33
Apache ActiveMQ 23
Apache OFBiz 22
Apache CXF 20
Apache ActiveMQ All 17
Apache APISIX 15
Apache OpenMeetings 15
Apache ActiveMQ Broker 13
Apache IoTDB 12
Apache NiFi 12
Apache Struts 12
Apache Thrift 11
Apache Atlas 9
Apache DolphinScheduler 8
Apache Answer 7
Apache CloudStack 7
Apache Hadoop 6
Apache OpenOffice 6
Apache Shiro 6
Apache Wicket 6
Apache Kvrocks 5
Apache MINA 5
Apache Ranger 5
Apache ActiveMQ Client 4
Apache Ambari 4
Apache Gravitino 4
Apache Log4j 1.x 4
Quick Filters