Apache
2,736 tracked vulnerabilities.
CVE-2024-53679
MEDIUM
Apache Vcl < 2.5.2 - XSS
Mar 25, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-53678
HIGH
Apache Vcl < 2.5.2 - SQL Injection
Mar 25, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-30474
MEDIUM
Apache Commons VFS <2.10.0 - Info Disclosure
Mar 23, 2025
CVSS 5.0
EPSS 0.00
CVE-2025-27553
HIGH
Apache Commons Vfs < 2.10.0 - Path Traversal
Mar 23, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-26796
MEDIUM
Apache Oozie - XSS
Mar 22, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-27888
MEDIUMNUCLEI
Apache Druid - Server-Side Request Forgery
Mar 20, 2025
CVSS 5.4
EPSS 0.01
CVE-2024-54016
MEDIUM
Apache Seata <2.3.0 - Data Amplification
Mar 20, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-47552
CRITICAL
Apache Seata <2.2.0 - Deserialization
Mar 20, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-27018
MEDIUM
Apache Airflow MySQL Provider <6.2.0 - SQL Injection
Mar 19, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-27017
MEDIUM
Apache NiFi <2.3.0 - Info Disclosure
Mar 12, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-27867
MEDIUM
Apache Felix HTTP Webconsole Plugin < 1.2.2 - XSS
Mar 12, 2025
CVSS 5.6
EPSS 0.00
CVE-2025-29891
MEDIUM
Apache Camel <4.10.2-<4.8.5-<3.22.4 - Command Injection
Mar 12, 2025
CVSS 4.8
EPSS 0.00
CVE-2025-24813
CRITICALKEVNUCLEI
Tomcat Partial PUT Java Deserialization
Mar 10, 2025
CVSS 9.8
EPSS 0.94
CVE-2025-26865
LOW
Apache OFBiz <18.12.18 - Info Disclosure
Mar 10, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-27636
MEDIUM
Apache Camel <4.10.2 - Command Injection
Mar 09, 2025
CVSS 5.6
EPSS 0.29
CVE-2024-56196
MEDIUM
Apache Traffic Server < 10.0.4 - Improper Access Control
Mar 06, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-56195
MEDIUM
Apache Traffic Server < 9.2.9 - Improper Access Control
Mar 06, 2025
CVSS 6.3
EPSS 0.01
CVE-2024-38311
MEDIUM
Apache Traffic Server <9.2.8 - <9.2.11, <10.0.3 - Info Disclosure
Mar 06, 2025
CVSS 6.3
EPSS 0.01
CVE-2024-56202
MEDIUM
Apache Traffic Server <9.2.8, <10.0.3 - Expected Behavior Violation
Mar 06, 2025
CVSS 4.3
EPSS 0.00
CVE-2024-55532
CRITICAL
Apache Ranger <2.6.0 - Info Disclosure
Mar 03, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-24778
MEDIUM
Apache StreamPipes <0.97.0 - Privilege Escalation
Mar 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-56180
CRITICAL
Apache Eventmesh < 1.11.0 - Insecure Deserialization
Feb 14, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-52577
CRITICAL
Apache Ignite < 2.17.0 - Insecure Deserialization
Feb 14, 2025
CVSS 9.0
EPSS 0.02
CVE-2024-46910
HIGH
Apache Atlas < 2.4.0 - Basic XSS
Feb 13, 2025
CVSS 7.1
EPSS 0.00
CVE-2024-32838
HIGH
Apache Fineract < 1.10.1 - SQL Injection
Feb 12, 2025
CVSS 8.8
EPSS 0.00
Products
http_server 306
tomcat 237
airflow 101
struts 90
traffic_server 80
superset 68
openoffice 60
ofbiz 57
activemq 51
subversion 47
solr 46
nifi 44
cxf 43
cloudstack 38
hadoop 37
inlong 32
camel 31
ambari 26
tika 25
openmeetings 25
jspwiki 24
dolphinscheduler 24
geode 23
zeppelin 22
ranger 21
spark 21
kylin 21
couchdb 20
fineract 20
hive 20
Quick Filters