apache
3,096 tracked vulnerabilities.
CVE-2012-4557
Apache HTTP Server 2.2.12-2.2.21 - Denial of Service via mod_proxy_ajp Worker Consumption
Nov 30, 2012
EPSS 0.17
CVE-2012-5887
Apache Tomcat 5.5.0-5.5.35 - Improper Authentication via Stale Nonce Bypass
Nov 17, 2012
EPSS 0.12
CVE-2012-5886
Apache Tomcat 5.5.x < 5.5.36, 6.x < 6.0.36, 7.x < 7.0.30 - Authentication Bypass via Session ID
Nov 17, 2012
EPSS 0.09
CVE-2012-5885
Apache Tomcat 5.5.x-5.5.35 6.x-6.0.35 7.x-7.0.29 - Authentication Bypass via Digest Auth Replay Countermeasure
Nov 17, 2012
EPSS 0.09
CVE-2012-2733
Apache Tomcat <6.0.36, <7.0.28 - DoS
Nov 16, 2012
EPSS 0.09
CVE-2012-5786
Apache CXF < 2.6.17 - Man-in-the-Middle Attack via Improper Certificate Validation
Nov 04, 2012
EPSS 0.01
CVE-2012-5785
Apache Axis2/Java < 1.6.2 - Man-in-the-Middle Attack via Unverified X.509 Certificate
Nov 04, 2012
EPSS 0.02
CVE-2012-5784
Apache Axis <= 1.4 - Man-in-the-Middle Attack via SSL Certificate Hostname Mismatch
Nov 04, 2012
EPSS 0.06
CVE-2012-5783
Apache Commons HttpClient 3.x - Improper Certificate Validation
Nov 04, 2012
EPSS 0.09
CVE-2012-3446
MEDIUM
Apache Libcloud < 0.11.1 - Improper Certificate Validation
Nov 04, 2012
CVSS 5.9
EPSS 0.01
CVE-2012-4501
Apache CloudStack - Unauthenticated Arbitrary API Call Execution via System User Account
Oct 26, 2012
EPSS 0.08
CVE-2012-3506
Apache OFBiz <10.04.03 - Impact Unknown
Oct 25, 2012
EPSS 0.07
CVE-2012-5351
Apache Axis2 < 1.6.4 - Authentication Bypass via SAML Signature Exclusion
Oct 09, 2012
EPSS 0.05
CVE-2012-4418
Apache Axis2 < 1.7.9 - Authentication Bypass via XML Signature Wrapping Attack
Oct 09, 2012
EPSS 0.06
CVE-2012-2145
Apache Qpid < 0.17 - Denial of Service via Incomplete Client Connections
Sep 28, 2012
EPSS 0.04
CVE-2012-3451
Apache CXF < 2.4.9, 2.5.x < 2.5.5, 2.6.x < 2.6.2 - Remote Code Execution via SOAP Action Header
Sep 24, 2012
EPSS 0.09
CVE-2012-3373
Apache Wicket 1.4.x-1.4.20 and 1.5.x-1.5.7 - Cross-Site Scripting via Null Byte in Ajax Link URL
Sep 19, 2012
EPSS 0.03
CVE-2012-4387
Apache Struts 2.0.0-2.3.4 - Denial of Service via Long Parameter Name
Sep 05, 2012
EPSS 0.08
CVE-2012-4386
Apache Struts 2.0.0-2.3.4 - Cross-Site Request Forgery via Token Name Parameter
Sep 05, 2012
EPSS 0.03
CVE-2012-3467
Apache QPID <= 0.16 - Unauthenticated Authentication Bypass via NullAuthenticator
Aug 27, 2012
EPSS 0.06
CVE-2012-3502
Apache HTTP Server < 2.4.3 - Exposure of Sensitive Information via Proxy Connection Reuse
Aug 22, 2012
EPSS 0.10
CVE-2012-2687
Apache HTTP Server < 2.4.3 - Cross-Site Scripting via Crafted Filename in mod_negotiation
Aug 22, 2012
EPSS 0.23
CVE-2012-0213
Apache POI < 3.8 - Denial of Service via UnhandledDataStructure Length Value
Aug 07, 2012
EPSS 0.08
CVE-2012-2665
OpenOffice.org/LibreOffice <3.5.5 - Buffer Overflow
Aug 06, 2012
EPSS 0.07
CVE-2012-3376
Apache Hadoop 2.0.0-alpha - Unauthenticated Arbitrary Block Access via BlockToken Bypass
Jul 12, 2012
EPSS 0.03
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters