apache

3,096 tracked vulnerabilities.

CVE-2012-0391 CRITICAL KEV
Apache Struts < 2.2.3.1 - Remote Code Execution via ExceptionDelegator OGNL Expression Injection
Jan 08, 2012
CVSS 9.8
EPSS 0.75
CVE-2011-2487 MEDIUM
Apache CXF 2.4.0-2.4.5 and WSS4J < 1.6.5 - Bleichenbacher Attack via PKCS#1 v1.5 Key Transport
Mar 11, 2020
CVSS 5.9
EPSS 0.02
CVE-2011-2177 HIGH
OpenOffice.org 3.3 - Remote Code Execution
Nov 27, 2019
CVSS 7.8
EPSS 0.02
CVE-2011-3600 HIGH NUCLEI
Apache OFBiz 16.11.01-16.11.04 - XML External Entity Injection via XML-RPC Endpoint
Nov 26, 2019
CVSS 7.5
EPSS 0.16
CVE-2011-3923 CRITICAL
Apache Struts <2.3.1.2 - Command Injection
Nov 01, 2019
CVSS 9.8
EPSS 0.89
CVE-2011-2767 CRITICAL
mod_perl 2.0-2.0.10 - Unauthenticated Remote Code Execution via .htaccess File
Aug 26, 2018
CVSS 9.8
EPSS 0.09
CVE-2011-4343 HIGH
Apache MyFaces Core <2.0.11, <2.1.5 - Info Disclosure
Aug 08, 2017
CVSS 7.5
EPSS 0.05
CVE-2011-4367
Apache MyFaces Core <2.0.12, <2.1.6 - Path Traversal
Jun 19, 2014
EPSS 0.33
CVE-2011-3620
Apache Qpid 0.12 - Improper Authentication during Cluster Join
May 03, 2012
EPSS 0.05
CVE-2011-3375
Apache Tomcat <7.0.22 - Info Disclosure
Jan 19, 2012
EPSS 0.07
CVE-2011-5064
Apache Tomcat 5.5.x-5.5.33, 6.x-6.0.32, 7.x-7.0.11 - Cryptographic Protection Bypass via Hardcoded Secret
Jan 14, 2012
EPSS 0.07
CVE-2011-5063
Apache Tomcat 5.5.x < 5.5.34, 6.x < 6.0.33, 7.x < 7.0.12 - Access Bypass via HTTP Digest Auth
Jan 14, 2012
EPSS 0.07
CVE-2011-5062
Apache Tomcat 5.5.x-5.5.33 6.x-6.0.32 7.x-7.0.11 - HTTP Digest Access Authentication Bypass via qop=auth
Jan 14, 2012
EPSS 0.08
CVE-2011-1184
Apache Tomcat 5.5.x-5.5.33 6.x-6.0.32 7.x-7.0.11 - Unauthenticated Replay Attack via HTTP Digest Authentication
Jan 14, 2012
EPSS 0.09
CVE-2011-5057
Apache Struts 2.0.0-2.3.1.2 and 2.3.19-2.3.23 - Session Tampering via Unrestricted Interface Access
Jan 08, 2012
EPSS 0.29
CVE-2011-4858
Apache Tomcat < 5.5.35, 6.x < 6.0.35, 7.x < 7.0.23 - Denial of Service via Hash Collision in Form Parameters
Jan 05, 2012
EPSS 0.80
CVE-2011-4905
Apache ActiveMQ < 5.6.0 - Denial of Service via OpenWire Failover Connection Requests
Jan 05, 2012
EPSS 0.09
CVE-2011-5034
Apache Geronimo < 2.2.1 - Denial of Service via Predictable Hash Collisions
Dec 30, 2011
EPSS 0.81
CVE-2011-4317
Apache HTTP Server 1.3.x-1.3.42, 2.0.x-2.0.64, 2.2.x-2.2.21 SSRF via Malformed URI
Nov 30, 2011
EPSS 0.60
CVE-2011-3639
Apache HTTP Server <2.0.64, <2.2.18 - SSRF
Nov 30, 2011
EPSS 0.51
CVE-2011-3376
Apache Tomcat <7.0.22 - Privilege Escalation
Nov 11, 2011
EPSS 0.01
CVE-2011-4415
Apache HTTP Server 2.0.x-2.0.64 and 2.2.x-2.2.21 - Denial of Service via mod_setenvif SetEnvIf Directive
Nov 08, 2011
EPSS 0.03
CVE-2011-3607
Apache HTTP Server <2.0.64, 2.2.x - Privilege Escalation
Nov 08, 2011
EPSS 0.05
CVE-2011-3368
Apache HTTP Server 1.3.x-1.3.42, 2.0.x-2.0.64, 2.2.x-2.2.21 SSRF via Malformed URI with @
Oct 05, 2011
EPSS 0.91
CVE-2011-3348
Apache HTTP Server 2.2.12-2.2.20 - Denial of Service via mod_proxy_ajp Malformed HTTP Request
Sep 20, 2011
EPSS 0.22