apache

3,096 tracked vulnerabilities.

CVE-2014-0119
Apache Tomcat <6.0.40, 7.x <7.0.54, 8.x <8.0.6 - XXE
May 31, 2014
EPSS 0.08
CVE-2014-0099
Apache Tomcat <6.0.40, <7.0.53, <8.0.4 - HTTP Request Smuggling
May 31, 2014
EPSS 0.09
CVE-2014-0096
Apache Tomcat <6.0.40, 7.x <7.0.53, 8.x <8.0.4 - XSS
May 31, 2014
EPSS 0.07
CVE-2014-0095
Apache Tomcat 8.x < 8.0.4 - Denial of Service via AJP Content-Length Header
May 31, 2014
EPSS 0.08
CVE-2014-0075
Apache Tomcat <6.0.40,7.x<7.0.53,8.x<8.0.4 - DoS
May 31, 2014
EPSS 0.20
CVE-2014-0110
Apache CXF < 2.6.14 and 2.7.x < 2.7.11 - Denial of Service via Large Invalid SOAP Message
May 08, 2014
EPSS 0.04
CVE-2014-0109
Apache CXF < 2.6.14 and 2.7.x < 2.7.11 - Denial of Service via Large HTML Content-Type Request
May 08, 2014
EPSS 0.04
CVE-2014-0116
Apache Struts 2.x < 2.3.20 - Remote Code Execution via CookieInterceptor ClassLoader Manipulation
May 08, 2014
EPSS 0.07
CVE-2014-0114
Apache Commons BeanUtils <1.9.2 - RCE
Apr 30, 2014
EPSS 0.96
CVE-2014-0113
Apache Struts 2.0.0-2.3.16.1 and struts2-core < 2.3.20 - Remote Code Execution via CookieInterceptor
Apr 29, 2014
EPSS 0.78
CVE-2014-0112
Apache Struts 2.0.0-2.3.16.1 and struts2-core < 2.3.20 - Remote Code Execution via ParametersInterceptor
Apr 29, 2014
EPSS 0.98
CVE-2014-0111
Apache Syncope 1.0.0-1.0.8 and 1.1.0-1.1.6 - Authenticated Remote Code Execution via JEXL Expression Injection
Apr 17, 2014
EPSS 0.03
CVE-2014-0107
Apache Xalan-Java <2.7.2 - Code Injection
Apr 15, 2014
EPSS 0.14
CVE-2014-0050
Apache Commons FileUpload <1.3.1 - DoS
Apr 01, 2014
EPSS 0.83
CVE-2014-2668
Apache CouchDB < 1.5.0 - Denial of Service via /_uuids Count Parameter
Mar 28, 2014
EPSS 0.22
CVE-2014-0003
Apache Camel <2.11.4, <2.12.3 - RCE
Mar 21, 2014
EPSS 0.07
CVE-2014-0002
Apache Camel < 2.11.4 and 2.12.x < 2.12.3 - XML External Entity Injection via XSLT Component
Mar 21, 2014
EPSS 0.33
CVE-2014-0098
Apache HTTP Server < 2.4.8 - Denial of Service via Crafted Cookie in mod_log_config
Mar 18, 2014
EPSS 0.26
CVE-2014-0094
Apache Struts 2.0.0-2.3.16.1 - Remote Code Execution via Class Parameter Manipulation
Mar 11, 2014
EPSS 1.00
CVE-2014-1884
Apache Cordova <3.3.0-Adobe PhoneGap <2.9.0 - CSRF
Mar 03, 2014
EPSS 0.08
CVE-2014-1882
Apache Cordova <3.3.0-Adobe PhoneGap <2.9.0 - CSRF
Mar 03, 2014
EPSS 0.12
CVE-2014-1881
Apache Cordova <3.3.0-Adobe PhoneGap <2.9.0 - CSRF
Mar 03, 2014
EPSS 0.11
CVE-2014-0033
Apache Tomcat 6.0.33-6.0.37 - Session Fixation
Feb 26, 2014
EPSS 0.10
CVE-2014-0032
Apache Subversion <1.7.15, <1.8.6 - DoS
Feb 14, 2014
EPSS 0.11
CVE-2014-0031
Apache CloudStack <4.2.1 - Info Disclosure
Jan 15, 2014
EPSS 0.02