Apache

2,736 tracked vulnerabilities.

CVE-2024-31141 MEDIUM
Apache Kafka Clients - Improper Privilege Management
Nov 19, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-52318 MEDIUM
Apache Tomcat <11.0.1-9.0.97 - Memory Corruption
Nov 18, 2024
CVSS 6.1
EPSS 0.12
CVE-2024-52317 MEDIUM
Apache Tomcat <11.0.0-M26,<10.1.30,<9.0.95 - Memory Corruption
Nov 18, 2024
CVSS 6.5
EPSS 0.17
CVE-2024-52316 CRITICAL
Apache Tomcat - Unchecked Error Condition
Nov 18, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-48962 HIGH
Apache Ofbiz < 18.12.17 - CSRF
Nov 18, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-47208 CRITICAL
Apache OFBiz <18.12.17 - SSRF/Code Injection
Nov 18, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-45791 HIGH
Apache Hertzbeat < 1.6.1 - Information Disclosure
Nov 18, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-45505 HIGH
Apache HertzBeat <1.6.1 - Command Injection
Nov 18, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-41151 HIGH
Apache Hertzbeat < 1.6.1 - Insecure Deserialization
Nov 18, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45784 HIGH
Apache Airflow <2.10.3 - Info Disclosure
Nov 15, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-50306 CRITICAL
Apache Traffic Server <9.2.6, <10.0.2 - Privilege Escalation
Nov 14, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-50305 HIGH
Apache Traffic Server < 9.2.6 - Improper Input Validation
Nov 14, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-38479 HIGH
Apache Traffic Server <9.2.11 - Info Disclosure
Nov 14, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-50386 HIGH
Apache Cloudstack < 4.18.2.5 - Improper Input Validation
Nov 12, 2024
CVSS 8.5
EPSS 0.01
CVE-2024-50378 MEDIUM
Airflow <2.10.3 - Info Disclosure
Nov 08, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-51504 CRITICAL
Apache Zookeeper < 3.9.3 - Authentication Bypass by Spoofing
Nov 07, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-38286 HIGH
Apache Tomcat <11.0.0-M21 - Allocation of Resources Without Limits ...
Nov 07, 2024
CVSS 8.6
EPSS 0.00
CVE-2024-23590 CRITICAL
Apache Kylin <5.0.0 - Session Fixation
Nov 04, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-43383 HIGH
Apache Lucene.net < 4.8.0-beta00017 - Insecure Deserialization
Oct 31, 2024
CVSS 8.0
EPSS 0.04
CVE-2024-45477 MEDIUM
Apache NiFi <1.28.0-<2.0.0-M4 - XSS
Oct 29, 2024
CVSS 4.6
EPSS 0.01
CVE-2024-45031 MEDIUM
Syncope <3.0.9 - XSS
Oct 24, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-45693 HIGH
Apache Cloudstack < 4.18.2.4 - CSRF
Oct 16, 2024
CVSS 8.0
EPSS 0.00
CVE-2024-45462 MEDIUM
Apache CloudStack <4.18.2.3 & <4.19.1.1 - Info Disclosure
Oct 16, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-45461 MEDIUM
Apache CloudStack <4.18.2.3 & <4.19.1.1 - Privilege Escalation
Oct 16, 2024
CVSS 5.7
EPSS 0.00
CVE-2024-45219 HIGH
Apache CloudStack <4.18.2.3-4.19.1.1 - Info Disclosure
Oct 16, 2024
CVSS 8.5
EPSS 0.00
Products
http_server 306 tomcat 237 airflow 101 struts 90 traffic_server 80 superset 68 openoffice 60 ofbiz 57 activemq 51 subversion 47 solr 46 nifi 44 cxf 43 cloudstack 38 hadoop 37 inlong 32 camel 31 ambari 26 tika 25 openmeetings 25 jspwiki 24 dolphinscheduler 24 geode 23 zeppelin 22 ranger 21 spark 21 kylin 21 couchdb 20 fineract 20 hive 20
Quick Filters
Critical CVEs With Exploits In CISA KEV