Apache

2,736 tracked vulnerabilities.

CVE-2025-25247 MEDIUM
Apache Felix Webconsole <4.9.8-5.0.8 - XSS
Feb 10, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-25069 MEDIUM
Apache Kvrocks - SSRF
Feb 07, 2025
CVSS 6.5
EPSS 0.01
CVE-2022-31764 HIGH
Apache ShardingSphere ElasticJob-UI <3.0.2 - RCE
Feb 06, 2025
CVSS 8.5
EPSS 0.00
CVE-2024-45626 MEDIUM
Apache James Server < 3.7.6 - Denial of Service
Feb 06, 2025
CVSS 6.5
EPSS 0.01
CVE-2024-37358 HIGH
Apache James Server < 3.7.6 - Resource Allocation Without Limits
Feb 06, 2025
CVSS 8.6
EPSS 0.03
CVE-2024-48019 MEDIUM
Apache Doris < 2.1.8 - Path Traversal
Feb 04, 2025
CVSS 5.4
EPSS 0.01
CVE-2025-24860 MEDIUM
Apache Cassandra <4.0.15, <4.1.7 - Auth Bypass
Feb 04, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-27137 MEDIUM
Apache Cassandra - SSRF
Feb 04, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-23015 HIGH
Apache Cassandra <4.1.8 - Privilege Escalation
Feb 04, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-29869 MEDIUM
Hive <4.0.1 - Info Disclosure
Jan 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-23953 MEDIUM
Apache Hive < 4.0.0 - Denial of Service
Jan 28, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-24783 HIGH
Apache Cocoon - Info Disclosure
Jan 27, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-24814 MEDIUM
Apache Solr < 9.8.0 - Privilege Escalation
Jan 27, 2025
CVSS 5.5
EPSS 0.01
CVE-2024-52012 MEDIUM
Apache Solr <9.7.0 - Path Traversal
Jan 27, 2025
CVSS 5.4
EPSS 0.13
CVE-2024-53299 MEDIUM
Apache Wicket < 7.18.0 - Denial of Service
Jan 23, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-23196 HIGH
Apache Ambari < 2.7.9 - Command Injection
Jan 21, 2025
CVSS 8.8
EPSS 0.01
CVE-2025-23195 HIGH
Apache Ambari < 2.7.9 - XXE
Jan 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-51941 HIGH
Ambari - Authenticated Code Injection
Jan 21, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-45479 CRITICAL
Apache Ranger 2.4.0 - SSRF
Jan 21, 2025
CVSS 9.1
EPSS 0.00
CVE-2024-45478 MEDIUM
Apache Ranger <2.5.0 - XSS
Jan 21, 2025
CVSS 4.8
EPSS 0.01
CVE-2025-23184 MEDIUM
Apache Cxf < 3.5.10 - Denial of Service
Jan 21, 2025
CVSS 5.9
EPSS 0.00
CVE-2024-45627 MEDIUM
Apache Linkis <1.7.0 - Info Disclosure
Jan 14, 2025
CVSS 5.9
EPSS 0.00
CVE-2025-22828 MEDIUM
Apache Cloudstack - Information Disclosure
Jan 13, 2025
CVSS 4.3
EPSS 0.18
CVE-2024-54676 CRITICAL
Apache Openmeetings < 8.0.0 - Insecure Deserialization
Jan 08, 2025
CVSS 9.8
EPSS 0.06
CVE-2024-45033 HIGH
Apache Airflow Fab Provider <1.5.2 - Info Disclosure
Jan 08, 2025
CVSS 8.1
EPSS 0.01
Products
http_server 306 tomcat 237 airflow 101 struts 90 traffic_server 80 superset 68 openoffice 60 ofbiz 57 activemq 51 subversion 47 solr 46 nifi 44 cxf 43 cloudstack 38 hadoop 37 inlong 32 camel 31 ambari 26 tika 25 openmeetings 25 jspwiki 24 dolphinscheduler 24 geode 23 zeppelin 22 ranger 21 spark 21 kylin 21 couchdb 20 fineract 20 hive 20
Quick Filters
Critical CVEs With Exploits In CISA KEV