Apache

2,736 tracked vulnerabilities.

CVE-2024-37389 MEDIUM
Apache Nifi < 1.27.0 - XSS
Jul 08, 2024
CVSS 4.6
EPSS 0.01
CVE-2024-39864 CRITICAL
Apache Cloudstack < 4.18.2.1 - Code Injection
Jul 05, 2024
CVSS 9.8
EPSS 0.05
CVE-2024-38346 CRITICAL
CloudStack - Command Injection
Jul 05, 2024
CVSS 9.8
EPSS 0.05
CVE-2024-39884 MEDIUM
Apache HTTP Server <2.4.60 - Info Disclosure
Jul 04, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-34750 HIGH
Apache Tomcat < 9.0.90 - Improper Exception Handling
Jul 03, 2024
CVSS 7.5
EPSS 0.17
CVE-2024-39573 HIGH
Apache HTTP Server < 2.4.60 - Improper Input Validation
Jul 01, 2024
CVSS 7.5
EPSS 0.03
CVE-2024-38477 HIGH
Apache HTTP Server <2.4.60 - Null Pointer Dereference
Jul 01, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-38476 CRITICAL
Apache HTTP Server <2.4.60 - Info Disclosure/SSRF
Jul 01, 2024
CVSS 9.8
EPSS 0.03
CVE-2024-38475 CRITICALKEVNUCLEI
Apache HTTP Server <2.4.59 - RCE
Jul 01, 2024
CVSS 9.1
EPSS 0.93
CVE-2024-38474 CRITICAL
Apache HTTP Server <2.4.59 - RCE
Jul 01, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-38473 HIGHNUCLEI
Apache HTTP Server <2.4.60 - Open Redirect
Jul 01, 2024
CVSS 8.1
EPSS 0.88
CVE-2024-38472 HIGHNUCLEI
Apache HTTP Server <2.4.60 - SSRF
Jul 01, 2024
CVSS 7.5
EPSS 0.90
CVE-2024-36387 MEDIUM
HTTP/2 - Memory Corruption
Jul 01, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-29868 CRITICALNUCLEI
Apache StreamPipes <0.95.0 - Info Disclosure
Jun 24, 2024
CVSS 9.1
EPSS 0.75
CVE-2024-27136 MEDIUM
Apache JSPWiki <2.12.2 - XSS
Jun 24, 2024
CVSS 6.1
EPSS 0.39
CVE-2024-38379 MEDIUM
Apache Allura <1.17.0 - XSS
Jun 22, 2024
CVSS 4.8
EPSS 0.02
CVE-2024-34693 MEDIUM
Apache Superset < 3.1.3 - Improper Input Validation
Jun 20, 2024
CVSS 6.8
EPSS 0.12
CVE-2024-25142 MEDIUM
Apache Airflow <2.9.2 - Info Disclosure
Jun 14, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-36265 CRITICAL
Apache Submarine Server Core <0.8.0 - Incorrect Authorization
Jun 12, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-36264 CRITICAL
Apache Submarine Commons Utils <0.8.0 - Auth Bypass
Jun 12, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-36263 HIGH
Apache Submarine Server Core - SQL Injection
Jun 12, 2024
CVSS 8.1
EPSS 0.01
CVE-2024-36471 HIGH
Apache Allura <1.17.0 - SSRF
Jun 10, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-36104 CRITICALNUCLEI
Apache OFBiz <18.12.14 - Path Traversal
Jun 04, 2024
CVSS 9.1
EPSS 0.94
CVE-2024-32077 MEDIUM
Apache Airflow <2.9.1 - Code Injection
May 14, 2024
CVSS 5.4
EPSS 0.05
CVE-2024-34365 CRITICAL
Apache Karaf Cave - Improper Input Validation
May 14, 2024
CVSS 9.1
EPSS 0.00
Products
http_server 306 tomcat 237 airflow 101 struts 90 traffic_server 80 superset 68 openoffice 60 ofbiz 57 activemq 51 subversion 47 solr 46 nifi 44 cxf 43 cloudstack 38 hadoop 37 inlong 32 camel 31 ambari 26 tika 25 openmeetings 25 jspwiki 24 dolphinscheduler 24 geode 23 zeppelin 22 ranger 21 spark 21 kylin 21 couchdb 20 fineract 20 hive 20
Quick Filters
Critical CVEs With Exploits In CISA KEV