apache

3,096 tracked vulnerabilities.

CVE-2013-6398
Apache CloudStack < 4.2.1 - Firewall Rule Bypass via Virtual Router Restart
Jan 15, 2014
EPSS 0.04
CVE-2013-4517
Apache Santuario XML Security for Java <1.5.6 - DoS
Jan 11, 2014
EPSS 0.09
CVE-2013-6480
Apache Libcloud 0.12.3-0.13.2 - Exposure of Sensitive Information via DigitalOcean Destroy API
Jan 07, 2014
EPSS 0.02
CVE-2013-6408
Apache Solr < 4.3.1 - XML External Entity Injection via DocumentAnalysisRequestHandler
Dec 07, 2013
EPSS 0.11
CVE-2013-6407
Apache Solr < 4.1.0 - XML External Entity Injection via UpdateRequestHandler
Dec 07, 2013
EPSS 0.11
CVE-2013-6397
Apache Solr < 4.6 - Path Traversal via tr Parameter
Dec 07, 2013
EPSS 0.56
CVE-2013-4558
mod_dav_svn 1.7.11-1.7.13 and 1.8.1-1.8.4 - Denial of Service via Non-Canonical URL
Dec 07, 2013
EPSS 0.06
CVE-2013-4505
Apache Subversion 1.4.0-1.7.13/1.8.0-1.8.4 - Access Restriction Bypass via REPORT Request
Dec 07, 2013
EPSS 0.08
CVE-2013-4212
Apache Roller < 5.0.2 - Remote Code Execution via OGNL Injection in getText Methods
Dec 07, 2013
EPSS 0.81
CVE-2013-4171
Apache Roller < 5.0.2 - Cross-Site Scripting via Search Results in RSS and Atom Feed Templates
Dec 07, 2013
EPSS 0.03
CVE-2013-6357
Apache Tomcat < 5.5.25 - Cross-Site Request Forgery via Manager Application
Nov 13, 2013
EPSS 0.02
CVE-2013-6348
Apache Struts 2.3.15.3 - Cross-Site Scripting via Namespace Parameter
Nov 02, 2013
EPSS 0.06
CVE-2013-4390
Apache Sling Auth Core < 1.1.4 - Open Redirect via Resource Parameter
Oct 24, 2013
EPSS 0.03
CVE-2013-4295
Apache Shindig 2.5.0-beta1-2.5.0 - XML External Entity Injection in Gadget Renderer
Oct 24, 2013
EPSS 0.12
CVE-2013-4365
mod_fcgid < 2.3.9 - Heap-based Buffer Overflow in fcgid_header_bucket_read
Oct 17, 2013
EPSS 0.13
CVE-2013-2254
Apache Sling Servlets Post 2.2.0-2.3.0 - Denial of Service via deepGetOrCreateNode Infinite Loop
Oct 17, 2013
EPSS 0.04
CVE-2013-4330
Apache Camel < 2.9.7, 2.10.0-2.10.6, 2.11.0-2.11.1, 2.12.0 - Remote Code Execution via CamelFileName Header
Oct 04, 2013
EPSS 0.09
CVE-2013-4316
Apache Struts 2.0.0-2.3.15.1 - Dynamic Method Invocation
Sep 30, 2013
EPSS 0.08
CVE-2013-4310
Apache Struts 2.0.0-2.3.15.1 - Unauthenticated Access Control Bypass via Action Prefix
Sep 30, 2013
EPSS 0.07
CVE-2013-4277
Apache Subversion 1.4.0-1.7.12 and 1.8.0-1.8.1 - Arbitrary File Overwrite and Process Termination via Pidfile Symlink
Sep 16, 2013
EPSS 0.01
CVE-2013-1909
Redhat Enterprise Mrg < 0.20 - Improper Input Validation
Aug 23, 2013
EPSS 0.02
CVE-2013-2210
Apache XML Security for C++ < 1.7.2 - Heap-Based Buffer Overflow via Malformed XPointer Expressions
Aug 20, 2013
EPSS 0.06
CVE-2013-2172
Apache Santuario XML Security for Java <1.4.8/1.5.5 XML Signature Spoofing
Aug 20, 2013
EPSS 0.06
CVE-2013-2156
Apache XML Security for C++ < 1.7.1 - Heap-based Buffer Overflow in Exclusive Canonicalization
Aug 20, 2013
EPSS 0.08
CVE-2013-2155
Apache XML Security for C++ < 1.7.1 - Denial of Service and Signature Spoofing via Crafted Length Values
Aug 20, 2013
EPSS 0.06