apache

3,096 tracked vulnerabilities.

CVE-2014-3501
Apache Cordova Android - Remote Server Connection via WebSocket WebView Bypass
Nov 15, 2014
EPSS 0.04
CVE-2014-3500
Apache Cordova Android <3.5.1 - XSS
Nov 15, 2014
EPSS 0.04
CVE-2014-3623
Apache WSS4J < 1.6.17 and 2.x < 2.0.2 - Improper Authentication via SAML SubjectConfirmation Method
Oct 30, 2014
EPSS 0.09
CVE-2014-3584
Apache CXF < 2.6.11, 2.7.x < 2.7.8, 3.0.x < 3.0.1 - Denial of Service via Crafted SAML Token
Oct 30, 2014
EPSS 0.07
CVE-2014-3581
Apache HTTP Server - Denial of Service via Empty Content-Type Header
Oct 10, 2014
EPSS 0.13
CVE-2014-0074
Apache Shiro 1.x < 1.2.3 - Authentication Bypass via Empty LDAP Credentials
Oct 06, 2014
EPSS 0.05
CVE-2014-3574
Apache POI < 3.10.1 and 3.11.x < 3.11-beta2 - Denial of Service via XML Entity Expansion
Sep 04, 2014
EPSS 0.07
CVE-2014-3529
Apache POI < 3.10.1 - XML External Entity Injection via OpenXML File Processing
Sep 04, 2014
EPSS 0.13
CVE-2014-3596
Apache Axis <1.4 - Man-in-the-Middle
Aug 27, 2014
EPSS 0.06
CVE-2014-3575
Redhat Enterprise Linux Desktop < 4.1.1 - Information Disclosure
Aug 27, 2014
EPSS 0.10
CVE-2014-3524
Apache OpenOffice < 4.1.1 - Remote Code Execution via Crafted Calc Spreadsheet
Aug 26, 2014
EPSS 0.15
CVE-2014-3525
Apache Traffic Server 3.x-5.0.1 Health Checks - Impact Unknown
Aug 22, 2014
EPSS 0.05
CVE-2014-0232
Apache OFBiz 11.04.01-11.04.04 and 12.04.01-12.04.03 - Cross-Site Scripting in messages.ftl
Aug 22, 2014
EPSS 0.08
CVE-2014-3577
Apache HttpComponents <4.3.5-4.0.2 - Man-in-the-middle
Aug 21, 2014
EPSS 0.09
CVE-2014-3528
Opensuse - Credentials Management
Aug 19, 2014
EPSS 0.07
CVE-2014-3522
Apache Subversion <1.7.18-1.8.10 - SSL Man-in-the-Middle
Aug 19, 2014
EPSS 0.06
CVE-2014-3504
Apache Subversion - SSL Certificate Validation Bypass via NUL Byte in CN Field
Aug 19, 2014
EPSS 0.03
CVE-2014-3523
Apache HTTP Server < 2.4.10 - Memory Leak in WinNT MPM AcceptFilter
Jul 20, 2014
EPSS 0.16
CVE-2014-0231
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_cgid stdin Hang
Jul 20, 2014
EPSS 0.44
CVE-2014-0226
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_status Scoreboard Handling
Jul 20, 2014
EPSS 0.86
CVE-2014-0118
Apache HTTP Server < 2.4.10 - Denial of Service via Request Body Decompression
Jul 20, 2014
EPSS 0.37
CVE-2014-0117
Apache HTTP Server < 2.4.10 - Denial of Service via mod_proxy HTTP Connection Header
Jul 20, 2014
EPSS 0.36
CVE-2014-3503
Apache Syncope 1.1.0-1.1.7 - Weak Password Generation
Jul 11, 2014
EPSS 0.06
CVE-2014-0035
Apache CXF <2.6.13 & <2.7.10 - Info Disclosure
Jul 07, 2014
EPSS 0.07
CVE-2014-0034
Apache CXF < 2.6.12 and 2.7.x < 2.7.9 - Remote Access Control Bypass via Invalid SAML Token Caching
Jul 07, 2014
EPSS 0.07