apache
3,096 tracked vulnerabilities.
CVE-2013-2154
Apache XML Security for C++ < 1.7.1 - Stack-based Buffer Overflow via Malformed XPointer Expressions
Aug 20, 2013
EPSS 0.08
CVE-2013-2153
Apache XML Security for C++ < 1.7.1 - XML Signature Spoofing via Crafted Reference Elements
Aug 20, 2013
EPSS 0.05
CVE-2013-2160
Apache CXF 2.5.0-2.5.9, 2.6.0-2.6.6, 2.7.0-2.7.3 - Denial of Service via Crafted XML
Aug 19, 2013
EPSS 0.32
CVE-2013-2136
Apache CloudStack < 4.1.1 - Cross-Site Scripting via Multiple Input Fields
Aug 19, 2013
EPSS 0.04
CVE-2013-2250
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Remote Code Execution via UEL Expression Injection
Aug 15, 2013
EPSS 0.12
CVE-2013-2137
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Cross-Site Scripting in Webtools View Log Screen
Aug 15, 2013
EPSS 0.08
CVE-2013-4156
Apache OpenOffice < 4.0.0 - Out-of-bounds Write via OOXML Document
Jul 31, 2013
EPSS 0.04
CVE-2013-4131
Subversion 1.7.0-1.7.10 and 1.8.x < 1.8.1 - Authenticated Denial of Service via COPY, DELETE, or MOVE Request
Jul 31, 2013
EPSS 0.04
CVE-2013-2189
Apache OpenOffice < 4.0.0 - Memory Corruption via Invalid PLCF Data in DOC File
Jul 31, 2013
EPSS 0.04
CVE-2013-2112
Subversion < 1.6.23 and 1.7.x < 1.7.10 - Denial of Service via Connection Abort
Jul 31, 2013
EPSS 0.04
CVE-2013-2088
Subversion < 1.6.23 - Authenticated Remote Code Execution via Shell Metacharacters in Filename
Jul 31, 2013
EPSS 0.31
CVE-2013-1968
Subversion < 1.6.23 and 1.7.x < 1.7.10 - Authenticated Denial of Service via Newline in File Name
Jul 31, 2013
EPSS 0.03
CVE-2013-2249
Apache HTTP Server <2.4.5 - Unspecified Vuln
Jul 23, 2013
EPSS 0.14
CVE-2013-4002
IBM Java - Denial of Service via XML Attribute Names
Jul 23, 2013
EPSS 0.25
CVE-2013-2251
CRITICAL
KEVNUCLEI
Apache Archiva 1.3-1.3.8 - Remote Code Execution via OGNL Expression Injection
Jul 20, 2013
CVSS 9.8
EPSS 1.00
CVE-2013-2248
NUCLEI
Apache Struts 2.0.0-2.3.15 - Open Redirect via redirect: or redirectAction: Prefix
Jul 20, 2013
EPSS 0.95
CVE-2013-1879
Apache ActiveMQ < 5.8.0 - Cross-Site Scripting via Scheduled Message Cron Parameter
Jul 20, 2013
EPSS 0.06
CVE-2013-2135
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Double Evaluation
Jul 16, 2013
EPSS 0.14
CVE-2013-2134
Apache Struts 2.0.0-2.3.14.2 - Remote Code Execution via OGNL Expression in Action Name
Jul 16, 2013
EPSS 0.70
CVE-2013-1777
Apache Geronimo 3.x < 3.0.1 - Remote Code Execution via JMX Remoting
Jul 11, 2013
EPSS 0.10
CVE-2013-1768
Apache OpenJPA 1.x < 1.2.3 and 2.x < 2.2.2 - Remote Code Execution via BrokerFactory Deserialization
Jul 11, 2013
EPSS 0.10
CVE-2013-1896
Apache HTTP Server < 2.2.25 - Denial of Service via mod_dav MERGE Request
Jul 10, 2013
EPSS 0.29
CVE-2013-2115
HIGH
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Jul 10, 2013
CVSS 8.1
EPSS 0.73
CVE-2013-1966
Apache Struts 2.0.0-2.3.14.1 - Remote Code Execution via OGNL Injection in URL/A Tag
Jul 10, 2013
EPSS 0.72
CVE-2013-1965
NUCLEI
Apache Struts 2.0.0-2.3.13 and Struts2-Showcase 2.0.0-2.3.13 - Remote Code Execution via OGNL Parameter Name Injection
Jul 10, 2013
EPSS 0.94
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters