apache
3,096 tracked vulnerabilities.
CVE-2012-6153
Apache Commons HttpClient < 4.2.3 - Improper Certificate Hostname Validation in AbstractVerifier
Sep 04, 2014
EPSS 0.06
CVE-2012-1621
Apache OFBiz 10.04.x < 10.04.02 - Cross-Site Scripting via Multiple Input Vectors
Jun 19, 2014
EPSS 0.10
CVE-2012-5649
Apache CouchDB <1.0.4, 1.1.x <1.1.2, 1.2.x <1.2.1 - RCE
May 23, 2014
EPSS 0.07
CVE-2012-5650
Apache CouchDB <1.0.4, <1.1.2, <1.2.1 - XSS
Mar 18, 2014
EPSS 0.04
CVE-2012-5641
Apache CouchDB < 1.0.4, 1.1.x < 1.1.2, 1.2.x < 1.2.1 - Path Traversal via MochiWeb Partition2 Function
Mar 18, 2014
EPSS 0.09
CVE-2012-6637
Apache Cordova < 3.3.0 and Adobe PhoneGap < 2.9.0 - Whitelist Bypass via Domain Name Substring Matching
Mar 03, 2014
EPSS 0.10
CVE-2012-6612
Apache Solr < 4.1.0 - XML External Entity Injection via UpdateRequestHandler or XPathEntityProcessor
Dec 07, 2013
EPSS 0.10
CVE-2012-5575
Apache CXF Cryptographic Downgrade via WS-SecurityPolicy AlgorithmSuite Bypass
Aug 19, 2013
EPSS 0.06
CVE-2012-3544
Apache Tomcat 6.x < 6.0.37 and 7.x < 7.0.30 - Denial of Service via Chunked Transfer Coding
Jun 01, 2013
EPSS 0.11
CVE-2012-6551
Apache ActiveMQ < 5.8.0 - Denial of Service via Default Web Demo Application
Apr 21, 2013
EPSS 0.08
CVE-2012-6092
Apache ActiveMQ < 5.8.0 - Cross-Site Scripting via Portfolio Publish Refresh Parameter
Apr 21, 2013
EPSS 0.06
CVE-2012-4460
Apache Qpid < 0.20 - Denial of Service via Buffer Deserialization
Mar 14, 2013
EPSS 0.03
CVE-2012-4459
Apache Qpid < 0.20 - Denial of Service via Crafted Message
Mar 14, 2013
EPSS 0.09
CVE-2012-4458
Apache Qpid < 0.20 - Denial of Service via Zero Width Elements in AMQP Client-Properties Map
Mar 14, 2013
EPSS 0.07
CVE-2012-4446
Apache Qpid < 0.20 - Unauthenticated Authentication Bypass via AMQP Federation Tag
Mar 14, 2013
EPSS 0.05
CVE-2012-5633
Apache CXF <2.5.8, <2.6.5, <2.7.2 - Auth Bypass
Mar 12, 2013
EPSS 0.08
CVE-2012-4558
Apache HTTP Server <2.2.24-dev, <2.4.4 - XSS
Feb 26, 2013
EPSS 0.23
CVE-2012-3499
Apache HTTP Server 2.2.x < 2.2.24-dev and 2.4.x < 2.4.4 - Cross-Site Scripting via Hostnames and URIs
Feb 26, 2013
EPSS 0.23
CVE-2012-5616
Apache CloudStack 4.0.0-incubating - Info Disclosure
Jan 22, 2013
EPSS 0.01
CVE-2012-2378
Apache CXF 2.4.5-2.4.7 2.5.1-2.5.3 < 2.6.1 - Security Policy Bypass via WS-SecurityPolicy SupportingToken
Jan 05, 2013
EPSS 0.04
CVE-2012-2379
Apache CXF <2.4.8-<2.5.4-<2.6.1 - Unspecified Vuln
Jan 03, 2013
EPSS 0.04
CVE-2012-4534
Apache Tomcat <6.0.36, 7.x <7.0.28 - DoS
Dec 19, 2012
EPSS 0.07
CVE-2012-4431
Apache Tomcat 6.x < 6.0.36 and 7.x < 7.0.32 - CSRF Protection Bypass via Sessionless Request
Dec 19, 2012
EPSS 0.09
CVE-2012-3546
Apache Tomcat 6.x < 6.0.36 and 7.x < 7.0.30 - Security Constraint Bypass via /j_security_check URI
Dec 19, 2012
EPSS 0.12
CVE-2012-5568
Apache Tomcat < 7.0.105 - Denial of Service via Partial HTTP Requests
Nov 30, 2012
EPSS 0.10
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters