apache

3,096 tracked vulnerabilities.

CVE-2013-7285 CRITICAL NUCLEI
Oracle Endeca Information Discovery Studio - Remote Code Execution via XStream Input Stream Manipulation
May 15, 2019
CVSS 9.8
EPSS 0.84
CVE-2013-0267 HIGH
Apache VCL 2.1-2.2.1, 2.3-2.3.1 - Privilege Escalation, DoS, and XSS via Improper Data Validation
Feb 21, 2018
CVSS 8.8
EPSS 0.04
CVE-2013-4317 MEDIUM
Apache CloudStack 4.1.0-4.1.1 - Unauthorized Exposure of Sensitive Information via listProjectAccounts API
Feb 06, 2018
CVSS 4.3
EPSS 0.01
CVE-2013-4366 CRITICAL
Apache HttpClient 4.3.x < 4.3.1 - Improper Input Validation in HttpClientBuilder
Oct 30, 2017
CVSS 9.8
EPSS 0.02
CVE-2013-4246 HIGH
Apache Subversion 1.8.x - Authenticated Repository Corruption via Packed Revision Properties
Oct 30, 2017
CVSS 8.8
EPSS 0.03
CVE-2013-4444
Apache Tomcat < 7.0.40 - Remote Code Execution via JSP File Upload
Sep 12, 2014
EPSS 0.14
CVE-2013-7393
Subversion <1.8.2 - Privilege Escalation
Jul 28, 2014
EPSS 0.01
CVE-2013-4262
Subversion 1.8.0-1.8.2 - Privilege Escalation via PID File Symlink Attack
Jul 28, 2014
EPSS 0.01
CVE-2013-4352
Apache HTTP Server 2.4.6 - Denial of Service via Missing Hostname in mod_cache
Jul 20, 2014
EPSS 0.12
CVE-2013-2193
Apache HBase < 0.92.3, 0.94.x < 0.94.9 - Kerberos Authentication Bypass
May 29, 2014
EPSS 0.01
CVE-2013-2758
Apache CloudStack 4.0.0-4.0.2 and Citrix CloudPlatform 3.0.x-3.0.6 - Predictable Console Access URL
May 23, 2014
EPSS 0.06
CVE-2013-2756
Apache CloudStack <4.0.2 & Citrix CloudPlatform <3.0.6 - Auth Bypass
May 23, 2014
EPSS 0.06
CVE-2013-7372
Apache Harmony <6.0M3 - Cryptographic Protection Bypass
Apr 29, 2014
EPSS 0.02
CVE-2013-2187
Apache Archiva 1.2-1.2.2 and 1.3 < 1.3.8 - Cross-Site Scripting via Home Page Parameters
Apr 22, 2014
EPSS 0.05
CVE-2013-5704
Apache HTTP Server 2.2.22 - Auth Bypass
Apr 15, 2014
EPSS 0.60
CVE-2013-6438
Apache HTTP Server < 2.4.8 - Denial of Service via mod_dav CDATA Parsing
Mar 18, 2014
EPSS 0.27
CVE-2013-4590
Apache Tomcat <6.0.39, 7.x <7.0.50, 8.x <8.0.0-RC10 - Info Disclosure
Feb 26, 2014
EPSS 0.09
CVE-2013-4322
Apache Tomcat < 6.0.39, 7.x < 7.0.50, 8.x < 8.0.0-RC10 - Denial of Service via Chunked Transfer Coding
Feb 26, 2014
EPSS 0.09
CVE-2013-4286
Apache Tomcat < 6.0.39, 7.x < 7.0.47, 8.x < 8.0.0-RC3 - Request Smuggling via Inconsistent HTTP Headers
Feb 26, 2014
EPSS 0.17
CVE-2013-0346
Apache Tomcat 7.x - Information Disclosure via World-Readable Log Directory
Feb 15, 2014
EPSS 0.01
CVE-2013-2055
Apache Wicket <6.8.0 - Info Disclosure
Feb 10, 2014
EPSS 0.03
CVE-2013-1880
Apache ActiveMQ < 5.9.0 - Cross-Site Scripting via Portfolio Publisher Refresh Parameter
Feb 05, 2014
EPSS 0.06
CVE-2013-0177
Apache OFBiz 10.04.x < 10.04.05 and 11.04.01 - Authenticated Cross-Site Scripting via Widget Attributes
Jan 30, 2014
EPSS 0.21
CVE-2013-2192
Apache Hadoop 2.x < 2.0.6-alpha, 0.23.x < 0.23.9, 1.x < 1.2.1 - Authentication Downgrade via RPC Protocol
Jan 24, 2014
EPSS 0.01
CVE-2013-2185
Apache Tomcat < 7.0.39 - Arbitrary File Write via DiskFileItem Deserialization
Jan 19, 2014
EPSS 0.07