apache

3,096 tracked vulnerabilities.

CVE-2013-2154
Apache XML Security for C++ < 1.7.1 - Stack-based Buffer Overflow via Malformed XPointer Expressions
Aug 20, 2013
EPSS 0.08
CVE-2013-2153
Apache XML Security for C++ < 1.7.1 - XML Signature Spoofing via Crafted Reference Elements
Aug 20, 2013
EPSS 0.05
CVE-2013-2160
Apache CXF 2.5.0-2.5.9, 2.6.0-2.6.6, 2.7.0-2.7.3 - Denial of Service via Crafted XML
Aug 19, 2013
EPSS 0.32
CVE-2013-2136
Apache CloudStack < 4.1.1 - Cross-Site Scripting via Multiple Input Fields
Aug 19, 2013
EPSS 0.04
CVE-2013-2250
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Remote Code Execution via UEL Expression Injection
Aug 15, 2013
EPSS 0.12
CVE-2013-2137
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Cross-Site Scripting in Webtools View Log Screen
Aug 15, 2013
EPSS 0.08
CVE-2013-4156
Apache OpenOffice < 4.0.0 - Out-of-bounds Write via OOXML Document
Jul 31, 2013
EPSS 0.04
CVE-2013-4131
Subversion 1.7.0-1.7.10 and 1.8.x < 1.8.1 - Authenticated Denial of Service via COPY, DELETE, or MOVE Request
Jul 31, 2013
EPSS 0.04
CVE-2013-2189
Apache OpenOffice < 4.0.0 - Memory Corruption via Invalid PLCF Data in DOC File
Jul 31, 2013
EPSS 0.04
CVE-2013-2112
Subversion < 1.6.23 and 1.7.x < 1.7.10 - Denial of Service via Connection Abort
Jul 31, 2013
EPSS 0.04
CVE-2013-2088
Subversion < 1.6.23 - Authenticated Remote Code Execution via Shell Metacharacters in Filename
Jul 31, 2013
EPSS 0.31
CVE-2013-1968
Subversion < 1.6.23 and 1.7.x < 1.7.10 - Authenticated Denial of Service via Newline in File Name
Jul 31, 2013
EPSS 0.03
CVE-2013-2249
Apache HTTP Server <2.4.5 - Unspecified Vuln
Jul 23, 2013
EPSS 0.14
CVE-2013-4002
IBM Java - Denial of Service via XML Attribute Names
Jul 23, 2013
EPSS 0.25
CVE-2013-2251 CRITICAL KEVNUCLEI
Apache Archiva 1.3-1.3.8 - Remote Code Execution via OGNL Expression Injection
Jul 20, 2013
CVSS 9.8
EPSS 1.00
CVE-2013-2248 NUCLEI
Apache Struts 2.0.0-2.3.15 - Open Redirect via redirect: or redirectAction: Prefix
Jul 20, 2013
EPSS 0.95
CVE-2013-1879
Apache ActiveMQ < 5.8.0 - Cross-Site Scripting via Scheduled Message Cron Parameter
Jul 20, 2013
EPSS 0.06
CVE-2013-2135
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Double Evaluation
Jul 16, 2013
EPSS 0.14
CVE-2013-2134
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Expression in Action Name
Jul 16, 2013
EPSS 0.70
CVE-2013-1777
Apache Geronimo 3.x < 3.0.1 - Remote Code Execution via JMX Remoting
Jul 11, 2013
EPSS 0.10
CVE-2013-1768
Apache OpenJPA 1.x < 1.2.3 and 2.x < 2.2.2 - Remote Code Execution via BrokerFactory Deserialization
Jul 11, 2013
EPSS 0.10
CVE-2013-1896
Apache HTTP Server < 2.2.25 - Denial of Service via mod_dav MERGE Request
Jul 10, 2013
EPSS 0.29
CVE-2013-2115 HIGH
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Jul 10, 2013
CVSS 8.1
EPSS 0.73
CVE-2013-1966
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Jul 10, 2013
EPSS 0.72
CVE-2013-1965 NUCLEI
Apache Struts 2.0.0-2.3.13 and Struts2-Showcase 2.0.0-2.3.13 - Remote Code Execution via OGNL Parameter Name Injection
Jul 10, 2013
EPSS 0.94