apache
3,096 tracked vulnerabilities.
CVE-2012-0391
CRITICAL
KEV
Apache Struts < 2.2.3.1 - Remote Code Execution via ExceptionDelegator OGNL Expression Injection
Jan 08, 2012
CVSS 9.8
EPSS 0.75
CVE-2011-2487
MEDIUM
Apache CXF 2.4.0-2.4.5 and WSS4J < 1.6.5 - Bleichenbacher Attack via PKCS#1 v1.5 Key Transport
Mar 11, 2020
CVSS 5.9
EPSS 0.02
CVE-2011-2177
HIGH
OpenOffice.org 3.3 - Remote Code Execution
Nov 27, 2019
CVSS 7.8
EPSS 0.02
CVE-2011-3600
HIGH
NUCLEI
Apache OFBiz 16.11.01-16.11.04 - XML External Entity Injection via XML-RPC Endpoint
Nov 26, 2019
CVSS 7.5
EPSS 0.16
CVE-2011-3923
CRITICAL
Apache Struts <2.3.1.2 - Command Injection
Nov 01, 2019
CVSS 9.8
EPSS 0.89
CVE-2011-2767
CRITICAL
mod_perl 2.0-2.0.10 - Unauthenticated Remote Code Execution via .htaccess File
Aug 26, 2018
CVSS 9.8
EPSS 0.09
CVE-2011-4343
HIGH
Apache MyFaces Core <2.0.11, <2.1.5 - Info Disclosure
Aug 08, 2017
CVSS 7.5
EPSS 0.05
CVE-2011-4367
Apache MyFaces Core <2.0.12, <2.1.6 - Path Traversal
Jun 19, 2014
EPSS 0.33
CVE-2011-3620
Apache Qpid 0.12 - Improper Authentication during Cluster Join
May 03, 2012
EPSS 0.05
CVE-2011-3375
Apache Tomcat <7.0.22 - Info Disclosure
Jan 19, 2012
EPSS 0.07
CVE-2011-5064
Apache Tomcat 5.5.x-5.5.33, 6.x-6.0.32, 7.x-7.0.11 - Cryptographic Protection Bypass via Hardcoded Secret
Jan 14, 2012
EPSS 0.07
CVE-2011-5063
Apache Tomcat 5.5.x < 5.5.34, 6.x < 6.0.33, 7.x < 7.0.12 - Access Bypass via HTTP Digest Auth
Jan 14, 2012
EPSS 0.07
CVE-2011-5062
Apache Tomcat 5.5.x-5.5.33 6.x-6.0.32 7.x-7.0.11 - HTTP Digest Access Authentication Bypass via qop=auth
Jan 14, 2012
EPSS 0.08
CVE-2011-1184
Apache Tomcat 5.5.x-5.5.33 6.x-6.0.32 7.x-7.0.11 - Unauthenticated Replay Attack via HTTP Digest Authentication
Jan 14, 2012
EPSS 0.09
CVE-2011-5057
Apache Struts 2.0.0-2.3.1.2 and 2.3.19-2.3.23 - Session Tampering via Unrestricted Interface Access
Jan 08, 2012
EPSS 0.29
CVE-2011-4858
Apache Tomcat < 5.5.35, 6.x < 6.0.35, 7.x < 7.0.23 - Denial of Service via Hash Collision in Form Parameters
Jan 05, 2012
EPSS 0.80
CVE-2011-4905
Apache ActiveMQ < 5.6.0 - Denial of Service via OpenWire Failover Connection Requests
Jan 05, 2012
EPSS 0.09
CVE-2011-5034
Apache Geronimo < 2.2.1 - Denial of Service via Predictable Hash Collisions
Dec 30, 2011
EPSS 0.81
CVE-2011-4317
Apache HTTP Server 1.3.x-1.3.42, 2.0.x-2.0.64, 2.2.x-2.2.21 SSRF via Malformed URI
Nov 30, 2011
EPSS 0.60
CVE-2011-3639
Apache HTTP Server <2.0.64, <2.2.18 - SSRF
Nov 30, 2011
EPSS 0.51
CVE-2011-3376
Apache Tomcat <7.0.22 - Privilege Escalation
Nov 11, 2011
EPSS 0.01
CVE-2011-4415
Apache HTTP Server 2.0.x-2.0.64 and 2.2.x-2.2.21 - Denial of Service via mod_setenvif SetEnvIf Directive
Nov 08, 2011
EPSS 0.03
CVE-2011-3607
Apache HTTP Server <2.0.64, 2.2.x - Privilege Escalation
Nov 08, 2011
EPSS 0.05
CVE-2011-3368
Apache HTTP Server 1.3.x-1.3.42, 2.0.x-2.0.64, 2.2.x-2.2.21 SSRF via Malformed URI with @
Oct 05, 2011
EPSS 0.91
CVE-2011-3348
Apache HTTP Server 2.2.12-2.2.20 - Denial of Service via mod_proxy_ajp Malformed HTTP Request
Sep 20, 2011
EPSS 0.22
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters