apache

3,096 tracked vulnerabilities.

CVE-2010-3872 HIGH
mod_fcgid - Stack-based Buffer Overflow in fcgid_header_bucket_read
Nov 22, 2010
CVSS 7.5
EPSS 0.03
CVE-2010-4008
Google Chrome < 7.0.517.44 - Memory Corruption
Nov 17, 2010
EPSS 0.03
CVE-2010-3863
Apache Shiro < 1.1.0 and JSecurity 0.9.x - Path Traversal via URI Path Bypass
Nov 05, 2010
EPSS 0.55
CVE-2010-2057
Apache MyFaces 1.1.x < 1.1.8, 1.2.x < 1.2.9, 2.0.x < 2.0.1 - View State Tampering via Padding Oracle Attack
Oct 20, 2010
EPSS 0.03
CVE-2010-0219 NUCLEI
Apache Axis2 - Remote Code Execution via Default Admin Credentials
Oct 18, 2010
EPSS 0.90
CVE-2010-3083
Apache Qpid - Denial of Service via SSL Handshake Omission
Oct 12, 2010
EPSS 0.05
CVE-2010-3315
Apache Subversion <1.5.8-1.6.13 - Privilege Escalation
Oct 04, 2010
EPSS 0.04
CVE-2010-1623
APR-util < 1.3.10 - Memory Leak in apr_brigade_split_line
Oct 04, 2010
EPSS 0.20
CVE-2010-2953
CouchDB 0.8.0 - Privilege Escalation
Sep 14, 2010
EPSS 0.01
CVE-2010-2952
Apache Traffic Server <2.0.1-2.1.2 - Info Disclosure
Sep 13, 2010
EPSS 0.03
CVE-2010-2234
Apache CouchDB 0.8.0-0.11.0 - Cross-Site Request Forgery
Aug 19, 2010
EPSS 0.02
CVE-2010-2076 CRITICAL
Apache CXF 2.0.6-2.0.12, 2.1.x < 2.1.10, 2.2.x < 2.2.9 - XML External Entity Injection via SOAP DTD Processing
Aug 19, 2010
CVSS 9.8
EPSS 0.10
CVE-2010-1870 NUCLEI
Apache Struts 2.0.0-2.1.8.1 - Remote Code Execution via OGNL Context Variable Manipulation
Aug 17, 2010
EPSS 0.91
CVE-2010-2791
Apache HTTP Server <2.2.9 - Info Disclosure
Aug 05, 2010
EPSS 0.08
CVE-2010-1452
Apache HTTP Server 2.0.35-2.0.63 - Denial of Service via Pathless Request
Jul 28, 2010
EPSS 0.22
CVE-2010-2227
Apache Tomcat 5.5.0-5.5.29, 6.0.0-6.0.27, 7.0.0 beta - Denial of Service via Invalid Transfer-Encoding Header
Jul 13, 2010
EPSS 0.55
CVE-2010-1632
Apache Axis2 < 1.5.2 - XML External Entity Injection via SOAP DTD Processing
Jun 22, 2010
EPSS 0.22
CVE-2010-2068
Apache HTTP Server 2.2.9-2.2.15, 2.3.4-alpha, 2.3.5-alpha - Sensitive Information Exposure via Proxy Worker Pool Timeout
Jun 18, 2010
EPSS 0.16
CVE-2010-0395
OpenOffice.org <3.2.1 - Auth Bypass
Jun 10, 2010
EPSS 0.11
CVE-2010-2103
Apache Axis2 1.4.1-1.5.1 - Cross-Site Scripting via Modules Parameter
May 27, 2010
EPSS 0.35
CVE-2010-2086
Apache MyFaces 1.1.7 and 1.2.8 - Cross-Site Scripting and Arbitrary EL Execution via Unencrypted View State
May 27, 2010
EPSS 0.02
CVE-2010-1587
Apache ActiveMQ <5.3.2 and <5.4.0 - Info Disclosure
Apr 28, 2010
EPSS 0.78
CVE-2010-1157
Apache Tomcat <6.0.26 - Info Disclosure
Apr 23, 2010
EPSS 0.53
CVE-2010-1151
Apache HTTP Server - Authentication Bypass via mod_auth_shadow Race Condition
Apr 20, 2010
EPSS 0.04
CVE-2010-0432
Apache OFBiz < 09.04 - Cross-Site Scripting via Multiple Parameters
Apr 15, 2010
EPSS 0.23