apache
3,096 tracked vulnerabilities.
CVE-2009-0026
Apache Jackrabbit < 1.5.2 - Cross-Site Scripting via Search Parameter
Jan 21, 2009
EPSS 0.22
CVE-2008-6879
Apache Roller 2.3, 3.0, 3.1, 4.0 - Cross-Site Scripting via Search q Parameter
Jul 30, 2009
EPSS 0.05
CVE-2008-5515
Apache Tomcat <6.0.19 - Path Traversal
Jun 16, 2009
EPSS 0.19
CVE-2008-5518
Apache Geronimo Application Server <2.1.3 - Path Traversal
Apr 17, 2009
EPSS 0.36
CVE-2008-6682
Apache Struts 2.0.0-2.0.11 and 2.1.0 - Cross-Site Scripting via s:a href and s:url action Attributes
Apr 09, 2009
EPSS 0.06
CVE-2008-5519
Apache Tomcat JK Connector 1.2.0-1.2.26 - Info Disclosure
Apr 09, 2009
EPSS 0.07
CVE-2008-2025
Apache Struts < 1.2.9-162.31.1 - Cross-Site Scripting via Insufficient Parameter Quoting
Apr 09, 2009
EPSS 0.08
CVE-2008-6505
Apache Struts 2.0.0-2.0.11 and 2.1.0-2.1.2 - Path Traversal via Encoded Dot-Dot-Slash in URI
Mar 23, 2009
EPSS 0.73
CVE-2008-6504
OpenSymphony XWork 2.0.x < 2.0.6 and 2.1.x < 2.1.2 - Remote Code Execution via OGNL Context Object Reference
Mar 23, 2009
EPSS 0.36
CVE-2008-4308
Apache Tomcat 4.1.32-4.1.34 and 5.5.10-5.5.20 - Information Disclosure via doRead Method
Feb 26, 2009
EPSS 0.04
CVE-2008-3271
Apache Tomcat 5.5.0-4.1.31 - Info Disclosure
Oct 13, 2008
EPSS 0.05
CVE-2008-4482
Xerces-C++ < 3.0.0 - Denial of Service via Large maxOccurs Value in XML Schema
Oct 08, 2008
EPSS 0.04
CVE-2008-3282
HIGH
OpenOffice.org 2.4.1 - Denial of Service via Integer Overflow in Memory Allocator
Aug 29, 2008
CVSS 7.8
EPSS 0.11
CVE-2008-2938
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Directory Traversal via Encoded URI Sequences
Aug 13, 2008
EPSS 1.00
CVE-2008-2939
Apache HTTP Server < 2.0.63 - Cross-Site Scripting via mod_proxy_ftp Wildcard FTP URI
Aug 06, 2008
EPSS 0.39
CVE-2008-1232
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Cross-Site Scripting via HttpServletResponse.sendError
Aug 04, 2008
EPSS 0.76
CVE-2008-2370
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Path Traversal via RequestDispatcher
Aug 04, 2008
EPSS 0.53
CVE-2008-2717
Apache Webserver < 4.0.9 - Access Control
Jun 16, 2008
EPSS 0.03
CVE-2008-2364
Apache HTTP Server 2.0.35-2.0.63 - Denial of Service via Unlimited Interim Responses
Jun 13, 2008
EPSS 0.13
CVE-2008-1947
Apache Tomcat 5.5.9-5.5.26 and 6.0.0-6.0.16 - Cross-Site Scripting via Hostname Parameter
Jun 04, 2008
EPSS 0.10
CVE-2008-2168
Apache HTTP Server <= 2.2.6 - Cross-Site Scripting via UTF-7 Encoded URLs
May 13, 2008
EPSS 0.55
CVE-2008-0732
Apache Geronimo - Improper Link Resolution Before File Access via chown Operation
Feb 12, 2008
EPSS 0.01
CVE-2008-0002
Apache Tomcat <6.0.16 - Info Disclosure
Feb 12, 2008
EPSS 0.05
CVE-2008-0455
Apache HTTP Server < 2.2.23 - Authenticated Cross-Site Scripting via mod_negotiation
Jan 25, 2008
EPSS 0.65
CVE-2008-0456
Apache HTTP Server 1.3.0-1.3.39, 2.0.0-2.0.61, 2.2.0-2.2.6 - HTTP Response Splitting via Multiline Filename Upload
Jan 25, 2008
EPSS 0.19
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters