Apache
2,736 tracked vulnerabilities.
CVE-2024-32113
CRITICALKEVNUCLEI
Apache OFBiz <18.12.13 - Path Traversal
May 08, 2024
CVSS 9.8
EPSS 0.94
CVE-2024-26579
CRITICAL
Apache Inlong < 1.12.0 - Insecure Deserialization
May 08, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-28148
MEDIUM
Apache Superset < 4.0.0 - Incorrect Authorization
May 07, 2024
CVSS 4.3
EPSS 0.00
CVE-2023-35701
MEDIUM
Apache Hive < 4.0.0 - Code Injection
May 03, 2024
CVSS 6.6
EPSS 0.01
CVE-2024-32638
MEDIUM
Apache Apisix - HTTP Request Smuggling
May 02, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-32114
HIGH
Apache ActiveMQ 6.x - Info Disclosure
May 02, 2024
CVSS 8.5
EPSS 0.02
CVE-2024-27349
CRITICAL
Apache HugeGraph-Server <1.3.0 - Auth Bypass
Apr 22, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-27348
CRITICALKEVNUCLEI
Apache HugeGraph-Server - Remote Command Execution
Apr 22, 2024
CVSS 9.8
EPSS 0.94
CVE-2024-27347
MEDIUM
Apache HugeGraph-Hubble <1.3.0 - SSRF
Apr 22, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-29733
LOW
Apache Airflow FTP Provider <3.7.0 - Certificate Validation
Apr 21, 2024
CVSS 2.7
EPSS 0.00
CVE-2024-29217
MEDIUM
Apache Answer <1.3.0 - XSS
Apr 21, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-31869
MEDIUM
Airflow <2.9 - Info Disclosure
Apr 18, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-31391
MEDIUM
Apache Solr Operator < 0.8.1 - Log Information Exposure
Apr 12, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-27309
HIGH
Apache Kafka - Info Disclosure
Apr 12, 2024
CVSS 7.4
EPSS 0.00
CVE-2024-31309
HIGH
Apache Traffic Server < 8.1.10 - Improper Input Validation
Apr 10, 2024
CVSS 7.5
EPSS 0.02
CVE-2024-31867
MEDIUM
Apache Zeppelin <0.11.1 - SQL Injection
Apr 09, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-31868
MEDIUM
Apache Zeppelin <0.11.1 - XSS
Apr 09, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-31866
CRITICAL
Apache Zeppelin <0.11.1 - RCE
Apr 09, 2024
CVSS 9.8
EPSS 0.02
CVE-2024-31865
MEDIUM
Apache Zeppelin <0.11.1 - Privilege Escalation
Apr 09, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-31864
CRITICAL
Apache Zeppelin <0.11.1 - Code Injection
Apr 09, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-31863
MEDIUM
Apache Zeppelin <0.11.0 - Auth Bypass
Apr 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-31862
MEDIUM
Apache Zeppelin <0.11.0 - Info Disclosure
Apr 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2022-47894
MEDIUM
Apache Zeppelin < 0.11.0 - Improper Input Validation
Apr 09, 2024
CVSS 5.3
EPSS 0.00
CVE-2021-28656
MEDIUM
Apache Zeppelin < 0.9.0 - CSRF
Apr 09, 2024
CVSS 5.4
EPSS 0.02
CVE-2024-31860
MEDIUM
Apache Zeppelin <0.11.0 - Info Disclosure
Apr 09, 2024
CVSS 6.5
EPSS 0.01
Products
http_server 306
tomcat 237
airflow 101
struts 90
traffic_server 80
superset 68
openoffice 60
ofbiz 57
activemq 51
subversion 47
solr 46
nifi 44
cxf 43
cloudstack 38
hadoop 37
inlong 32
camel 31
ambari 26
tika 25
openmeetings 25
jspwiki 24
dolphinscheduler 24
geode 23
zeppelin 22
ranger 21
spark 21
kylin 21
couchdb 20
fineract 20
hive 20
Quick Filters