apache

3,096 tracked vulnerabilities.

CVE-2009-0026
Apache Jackrabbit < 1.5.2 - Cross-Site Scripting via Search Parameter
Jan 21, 2009
EPSS 0.22
CVE-2008-6879
Apache Roller 2.3, 3.0, 3.1, 4.0 - Cross-Site Scripting via Search q Parameter
Jul 30, 2009
EPSS 0.05
CVE-2008-5515
Apache Tomcat <6.0.19 - Path Traversal
Jun 16, 2009
EPSS 0.19
CVE-2008-5518
Apache Geronimo Application Server <2.1.3 - Path Traversal
Apr 17, 2009
EPSS 0.36
CVE-2008-6682
Apache Struts 2.0.0-2.0.11 and 2.1.0 - Cross-Site Scripting via s:a href and s:url action Attributes
Apr 09, 2009
EPSS 0.06
CVE-2008-5519
Apache Tomcat JK Connector 1.2.0-1.2.26 - Info Disclosure
Apr 09, 2009
EPSS 0.07
CVE-2008-2025
Apache Struts < 1.2.9-162.31.1 - Cross-Site Scripting via Insufficient Parameter Quoting
Apr 09, 2009
EPSS 0.08
CVE-2008-6505
Apache Struts 2.0.0-2.0.11 and 2.1.0-2.1.2 - Path Traversal via Encoded Dot-Dot-Slash in URI
Mar 23, 2009
EPSS 0.73
CVE-2008-6504
OpenSymphony XWork 2.0.x < 2.0.6 and 2.1.x < 2.1.2 - Remote Code Execution via OGNL Context Object Reference
Mar 23, 2009
EPSS 0.36
CVE-2008-4308
Apache Tomcat 4.1.32-4.1.34 and 5.5.10-5.5.20 - Information Disclosure via doRead Method
Feb 26, 2009
EPSS 0.04
CVE-2008-3271
Apache Tomcat 5.5.0-4.1.31 - Info Disclosure
Oct 13, 2008
EPSS 0.05
CVE-2008-4482
Xerces-C++ < 3.0.0 - Denial of Service via Large maxOccurs Value in XML Schema
Oct 08, 2008
EPSS 0.04
CVE-2008-3282 HIGH
OpenOffice.org 2.4.1 - Denial of Service via Integer Overflow in Memory Allocator
Aug 29, 2008
CVSS 7.8
EPSS 0.11
CVE-2008-2938
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Directory Traversal via Encoded URI Sequences
Aug 13, 2008
EPSS 1.00
CVE-2008-2939
Apache HTTP Server < 2.0.63 - Cross-Site Scripting via mod_proxy_ftp Wildcard FTP URI
Aug 06, 2008
EPSS 0.39
CVE-2008-1232
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Cross-Site Scripting via HttpServletResponse.sendError
Aug 04, 2008
EPSS 0.76
CVE-2008-2370
Apache Tomcat 4.1.0-4.1.37, 5.5.0-5.5.26, 6.0.0-6.0.16 - Path Traversal via RequestDispatcher
Aug 04, 2008
EPSS 0.53
CVE-2008-2717
Apache Webserver < 4.0.9 - Access Control
Jun 16, 2008
EPSS 0.03
CVE-2008-2364
Apache HTTP Server 2.0.35-2.0.63 - Denial of Service via Unlimited Interim Responses
Jun 13, 2008
EPSS 0.13
CVE-2008-1947
Apache Tomcat 5.5.9-5.5.26 and 6.0.0-6.0.16 - Cross-Site Scripting via Hostname Parameter
Jun 04, 2008
EPSS 0.10
CVE-2008-2168
Apache HTTP Server <= 2.2.6 - Cross-Site Scripting via UTF-7 Encoded URLs
May 13, 2008
EPSS 0.55
CVE-2008-0732
Apache Geronimo - Improper Link Resolution Before File Access via chown Operation
Feb 12, 2008
EPSS 0.01
CVE-2008-0002
Apache Tomcat <6.0.16 - Info Disclosure
Feb 12, 2008
EPSS 0.05
CVE-2008-0455
Apache HTTP Server < 2.2.23 - Authenticated Cross-Site Scripting via mod_negotiation
Jan 25, 2008
EPSS 0.65
CVE-2008-0456
Apache HTTP Server 1.3.0-1.3.39, 2.0.0-2.0.61, 2.2.0-2.2.6 - HTTP Response Splitting via Multiline Filename Upload
Jan 25, 2008
EPSS 0.19