Apache

2,736 tracked vulnerabilities.

CVE-2024-22281 HIGH
Apache Helix Front (UI) - Info Disclosure
Aug 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-42362 HIGH
Apache Hertzbeat < 1.6.0 - Insecure Deserialization
Aug 20, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-42361 HIGH
Apache Hertzbeat < 1.6.0 - SQL Injection
Aug 20, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-43202 CRITICAL
Apache DolphinScheduler <3.2.2 - RCE
Aug 20, 2024
CVSS 9.8
EPSS 0.04
CVE-2024-41909 MEDIUM
Apache MINA SSHD <2.12.0 - DoS
Aug 12, 2024
CVSS 5.9
EPSS 0.00
CVE-2024-41890 MEDIUM
Apache Answer < 1.3.6 - Resource Leak
Aug 12, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-41888 MEDIUM
Apache Answer < 1.3.6 - Resource Leak
Aug 12, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-30188 HIGHNUCLEI
Apache DolphinScheduler <3.2.2 - Info Disclosure
Aug 12, 2024
CVSS 8.1
EPSS 0.88
CVE-2024-29831 HIGH
Apache DolphinScheduler - RCE
Aug 12, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-42222 MEDIUM
Apache Cloudstack - Information Disclosure
Aug 07, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-42062 HIGH
Apache Cloudstack < 4.18.2.3 - Incorrect Authorization
Aug 07, 2024
CVSS 7.2
EPSS 0.00
CVE-2024-36448 HIGH
Apache IoTDB Workbench <0.13.0 - SSRF
Aug 05, 2024
CVSS 7.3
EPSS 0.00
CVE-2024-38856 CRITICALKEV
Apache OFBiz forgotPassword/ProgramExport RCE
Aug 05, 2024
CVSS 9.8
EPSS 0.94
CVE-2024-42447 CRITICAL
Apache Airflow Providers FAB - Info Disclosure
Aug 05, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-36268 CRITICAL
Apache InLong <1.12.0 - Code Injection
Aug 02, 2024
CVSS 9.8
EPSS 0.07
CVE-2024-27182 MEDIUM
Apache Linkis <=1.5.0 - Privilege Escalation
Aug 02, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-27181 HIGH
Apache Linkis <=1.5.0 - Privilege Escalation
Aug 02, 2024
CVSS 8.8
EPSS 0.00
CVE-2023-48396 CRITICAL
Apache SeaTunnel <1.0.1 - Auth Bypass
Jul 30, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-35296 HIGH
Apache Traffic Server < 8.1.11 - Improper Input Validation
Jul 26, 2024
CVSS 8.2
EPSS 0.00
CVE-2024-35161 HIGH
Apache Traffic Server < 8.1.11 - HTTP Request Smuggling
Jul 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-38522 HIGH
Apache Traffic Server <8.1.10, <9.2.4 - SSRF
Jul 26, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-25090 MEDIUM
Apache Roller - XSS
Jul 26, 2024
CVSS 5.4
EPSS 0.01
CVE-2024-39676 HIGH
Apache Pinot < 1.0.0 - Information Disclosure
Jul 24, 2024
CVSS 7.5
EPSS 0.00
CVE-2023-48362 HIGH
Apache Drill < 1.21.2 - XXE
Jul 24, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-41178 HIGH
Apache Arrow < 0.10.1 - Log Information Exposure
Jul 23, 2024
CVSS 7.5
EPSS 0.00
Products
http_server 306 tomcat 237 airflow 101 struts 90 traffic_server 80 superset 68 openoffice 60 ofbiz 57 activemq 51 subversion 47 solr 46 nifi 44 cxf 43 cloudstack 38 hadoop 37 inlong 32 camel 31 ambari 26 tika 25 openmeetings 25 jspwiki 24 dolphinscheduler 24 geode 23 zeppelin 22 ranger 21 spark 21 kylin 21 couchdb 20 fineract 20 hive 20
Quick Filters
Critical CVEs With Exploits In CISA KEV