Apache Software Foundation

564 tracked vulnerabilities.

CVE-2016-8746 MEDIUM
Apache Ranger <0.6.3 - Info Disclosure
Jun 14, 2017
CVSS 5.9
EPSS 0.03
CVE-2016-3083 HIGH
Apache Hive < 1.2.2 and 2.0.x < 2.0.1 - Improper Certificate Validation
May 30, 2017
CVSS 7.5
EPSS 0.01
CVE-2016-8741 HIGH
Apache Qpid Broker for Java <6.0.6, <6.1.1 - Info Disclosure
May 15, 2017
CVSS 7.5
EPSS 0.06
CVE-2016-6799 HIGH
Apache Cordova Android < 5.2.2 - Sensitive Information Exposure via Log File Insertion
May 09, 2017
CVSS 7.5
EPSS 0.03
CVE-2016-5396 HIGH
Apache Traffic Server 6.0.0-6.2.0 - Denial of Service via HPACK Bomb Attack
Apr 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2016-8735 CRITICAL KEVNUCLEI
Apache Tomcat , 7.x , 8.x , 8.5.x , 9.x <6.0.48 <7.0.73 <8.0.39 <8.5.7 - Remote Code Execution
Apr 06, 2017
CVSS 9.8
EPSS 0.90
CVE-2016-6807 CRITICAL
Apache Ambari 2.4.0-2.4.1 - Unauthenticated Remote Code Execution via Custom Commands
Mar 28, 2017
CVSS 9.8
EPSS 0.02
CVE-2016-8749 CRITICAL
Apache Camel 2.16.0-2.16.4 2.17.0-2.17.4 2.18.0-2.18.1 - Remote Code Execution via Jackson Unmarshalling
Mar 28, 2017
CVSS 9.8
EPSS 0.11
CVE-2016-6816 HIGH
Apache Tomcat 6.0.0-6.0.47, 7.0.0-7.0.72, 8.0.0.RC1-8.0.38, 8.5.0-8.5.6, 9.0.0.M1-9.0.0.M11 - HTTP Response Injection
Mar 20, 2017
CVSS 7.1
EPSS 0.40
CVE-2016-8747 HIGH
Apache Tomcat <9.0.0.M16 - Info Disclosure
Mar 14, 2017
CVSS 7.5
EPSS 0.07
CVE-2016-8740 HIGH
Apache HTTP Server 2.4.17-2.4.23 - DoS
Dec 05, 2016
CVSS 7.5
EPSS 0.79
CVE-2015-5241 MEDIUM
Apache jUDDI 3.1.2-3.1.5 - Open Redirect
May 19, 2017
CVSS 6.1
EPSS 0.02
CVE-2014-0043 MEDIUM
Apache Wicket <1.5.10,6.13.0 - Info Disclosure
Oct 03, 2017
CVSS 5.3
EPSS 0.03
CVE-2010-2232 HIGH
Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, 10.4.1.3 - Arbitrary File Overwrite via Export Processing
Oct 23, 2017
CVSS 7.5
EPSS 0.04