apache
3,096 tracked vulnerabilities.
CVE-2013-7285
CRITICAL
NUCLEI
Oracle Endeca Information Discovery Studio - Remote Code Execution via XStream Input Stream Manipulation
May 15, 2019
CVSS 9.8
EPSS 0.84
CVE-2013-0267
HIGH
Apache VCL 2.1-2.2.1, 2.3-2.3.1 - Privilege Escalation, DoS, and XSS via Improper Data Validation
Feb 21, 2018
CVSS 8.8
EPSS 0.04
CVE-2013-4317
MEDIUM
Apache CloudStack 4.1.0-4.1.1 - Unauthorized Exposure of Sensitive Information via listProjectAccounts API
Feb 06, 2018
CVSS 4.3
EPSS 0.01
CVE-2013-4366
CRITICAL
Apache HttpClient 4.3.x < 4.3.1 - Improper Input Validation in HttpClientBuilder
Oct 30, 2017
CVSS 9.8
EPSS 0.02
CVE-2013-4246
HIGH
Apache Subversion 1.8.x - Authenticated Repository Corruption via Packed Revision Properties
Oct 30, 2017
CVSS 8.8
EPSS 0.03
CVE-2013-4444
Apache Tomcat < 7.0.40 - Remote Code Execution via JSP File Upload
Sep 12, 2014
EPSS 0.14
CVE-2013-7393
Subversion <1.8.2 - Privilege Escalation
Jul 28, 2014
EPSS 0.01
CVE-2013-4262
Subversion 1.8.0-1.8.2 - Privilege Escalation via PID File Symlink Attack
Jul 28, 2014
EPSS 0.01
CVE-2013-4352
Apache HTTP Server 2.4.6 - Denial of Service via Missing Hostname in mod_cache
Jul 20, 2014
EPSS 0.12
CVE-2013-2193
Apache HBase < 0.92.3, 0.94.x < 0.94.9 - Kerberos Authentication Bypass
May 29, 2014
EPSS 0.01
CVE-2013-2758
Apache CloudStack 4.0.0-4.0.2 and Citrix CloudPlatform 3.0.x-3.0.6 - Predictable Console Access URL
May 23, 2014
EPSS 0.06
CVE-2013-2756
Apache CloudStack <4.0.2 & Citrix CloudPlatform <3.0.6 - Auth Bypass
May 23, 2014
EPSS 0.06
CVE-2013-7372
Apache Harmony <6.0M3 - Cryptographic Protection Bypass
Apr 29, 2014
EPSS 0.02
CVE-2013-2187
Apache Archiva 1.2-1.2.2 and 1.3 < 1.3.8 - Cross-Site Scripting via Home Page Parameters
Apr 22, 2014
EPSS 0.05
CVE-2013-5704
Apache HTTP Server 2.2.22 - Auth Bypass
Apr 15, 2014
EPSS 0.60
CVE-2013-6438
Apache HTTP Server < 2.4.8 - Denial of Service via mod_dav CDATA Parsing
Mar 18, 2014
EPSS 0.27
CVE-2013-4590
Apache Tomcat <6.0.39, 7.x <7.0.50, 8.x <8.0.0-RC10 - Info Disclosure
Feb 26, 2014
EPSS 0.09
CVE-2013-4322
Apache Tomcat < 6.0.39, 7.x < 7.0.50, 8.x < 8.0.0-RC10 - Denial of Service via Chunked Transfer Coding
Feb 26, 2014
EPSS 0.09
CVE-2013-4286
Apache Tomcat < 6.0.39, 7.x < 7.0.47, 8.x < 8.0.0-RC3 - Request Smuggling via Inconsistent HTTP Headers
Feb 26, 2014
EPSS 0.17
CVE-2013-0346
Apache Tomcat 7.x - Information Disclosure via World-Readable Log Directory
Feb 15, 2014
EPSS 0.01
CVE-2013-2055
Apache Wicket <6.8.0 - Info Disclosure
Feb 10, 2014
EPSS 0.03
CVE-2013-1880
Apache ActiveMQ < 5.9.0 - Cross-Site Scripting via Portfolio Publisher Refresh Parameter
Feb 05, 2014
EPSS 0.06
CVE-2013-0177
Apache OFBiz 10.04.x < 10.04.05 and 11.04.01 - Authenticated Cross-Site Scripting via Widget Attributes
Jan 30, 2014
EPSS 0.21
CVE-2013-2192
Apache Hadoop 2.x < 2.0.6-alpha, 0.23.x < 0.23.9, 1.x < 1.2.1 - Authentication Downgrade via RPC Protocol
Jan 24, 2014
EPSS 0.01
CVE-2013-2185
Apache Tomcat < 7.0.39 - Arbitrary File Write via DiskFileItem Deserialization
Jan 19, 2014
EPSS 0.07
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters