apache

3,096 tracked vulnerabilities.

CVE-2012-6153
Apache Commons HttpClient < 4.2.3 - Improper Certificate Hostname Validation in AbstractVerifier
Sep 04, 2014
EPSS 0.06
CVE-2012-1621
Apache OFBiz 10.04.x < 10.04.02 - Cross-Site Scripting via Multiple Input Vectors
Jun 19, 2014
EPSS 0.10
CVE-2012-5649
Apache CouchDB <1.0.4, 1.1.x <1.1.2, 1.2.x <1.2.1 - RCE
May 23, 2014
EPSS 0.07
CVE-2012-5650
Apache CouchDB <1.0.4, <1.1.2, <1.2.1 - XSS
Mar 18, 2014
EPSS 0.04
CVE-2012-5641
Apache CouchDB < 1.0.4, 1.1.x < 1.1.2, 1.2.x < 1.2.1 - Path Traversal via MochiWeb Partition2 Function
Mar 18, 2014
EPSS 0.09
CVE-2012-6637
Apache Cordova < 3.3.0 and Adobe PhoneGap < 2.9.0 - Whitelist Bypass via Domain Name Substring Matching
Mar 03, 2014
EPSS 0.10
CVE-2012-6612
Apache Solr < 4.1.0 - XML External Entity Injection via UpdateRequestHandler or XPathEntityProcessor
Dec 07, 2013
EPSS 0.10
CVE-2012-5575
Apache CXF Cryptographic Downgrade via WS-SecurityPolicy AlgorithmSuite Bypass
Aug 19, 2013
EPSS 0.06
CVE-2012-3544
Apache Tomcat 6.x < 6.0.37 and 7.x < 7.0.30 - Denial of Service via Chunked Transfer Coding
Jun 01, 2013
EPSS 0.11
CVE-2012-6551
Apache ActiveMQ < 5.8.0 - Denial of Service via Default Web Demo Application
Apr 21, 2013
EPSS 0.08
CVE-2012-6092
Apache ActiveMQ < 5.8.0 - Cross-Site Scripting via Portfolio Publish Refresh Parameter
Apr 21, 2013
EPSS 0.06
CVE-2012-4460
Apache Qpid < 0.20 - Denial of Service via Buffer Deserialization
Mar 14, 2013
EPSS 0.03
CVE-2012-4459
Apache Qpid < 0.20 - Denial of Service via Crafted Message
Mar 14, 2013
EPSS 0.09
CVE-2012-4458
Apache Qpid < 0.20 - Denial of Service via Zero Width Elements in AMQP Client-Properties Map
Mar 14, 2013
EPSS 0.07
CVE-2012-4446
Apache Qpid < 0.20 - Unauthenticated Authentication Bypass via AMQP Federation Tag
Mar 14, 2013
EPSS 0.05
CVE-2012-5633
Apache CXF <2.5.8, <2.6.5, <2.7.2 - Auth Bypass
Mar 12, 2013
EPSS 0.08
CVE-2012-4558
Apache HTTP Server <2.2.24-dev, <2.4.4 - XSS
Feb 26, 2013
EPSS 0.23
CVE-2012-3499
Apache HTTP Server 2.2.x < 2.2.24-dev and 2.4.x < 2.4.4 - Cross-Site Scripting via Hostnames and URIs
Feb 26, 2013
EPSS 0.23
CVE-2012-5616
Apache CloudStack 4.0.0-incubating - Info Disclosure
Jan 22, 2013
EPSS 0.01
CVE-2012-2378
Apache CXF 2.4.5-2.4.7 2.5.1-2.5.3 < 2.6.1 - Security Policy Bypass via WS-SecurityPolicy SupportingToken
Jan 05, 2013
EPSS 0.04
CVE-2012-2379
Apache CXF <2.4.8-<2.5.4-<2.6.1 - Unspecified Vuln
Jan 03, 2013
EPSS 0.04
CVE-2012-4534
Apache Tomcat <6.0.36, 7.x <7.0.28 - DoS
Dec 19, 2012
EPSS 0.07
CVE-2012-4431
Apache Tomcat 6.x < 6.0.36 and 7.x < 7.0.32 - CSRF Protection Bypass via Sessionless Request
Dec 19, 2012
EPSS 0.09
CVE-2012-3546
Apache Tomcat 6.x < 6.0.36 and 7.x < 7.0.30 - Security Constraint Bypass via /j_security_check URI
Dec 19, 2012
EPSS 0.12
CVE-2012-5568
Apache Tomcat < 7.0.105 - Denial of Service via Partial HTTP Requests
Nov 30, 2012
EPSS 0.10