apache

2,899 tracked vulnerabilities.

CVE-2023-31065 CRITICAL
Apache InLong <1.7.0 - Info Disclosure
May 22, 2023
CVSS 9.1
EPSS 0.00
CVE-2023-31064 HIGH
Apache InLong <1.7.0 - Info Disclosure
May 22, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-31062 CRITICAL
Apache InLong <1.7.0 - Privilege Escalation
May 22, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-31454 HIGH
Apache InLong <1.7.0 - Privilege Escalation
May 22, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-31453 HIGH
Apache InLong <1.7.0 - Privilege Escalation
May 22, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-31206 HIGH
Apache InLong <1.7.0 - Privilege Escalation
May 22, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-31058 HIGH
Apache InLong <1.6.0 - Deserialization
May 22, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-28709 HIGH
Apache Tomcat <11.0.0-M4, 10.1.7, 9.0.73, 8.5.87 - DoS
May 22, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-29246 HIGH
Apache OpenMeetings <7.1.0 - Privilege Escalation
May 12, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-29032 HIGH
Apache OpenMeetings <7.1.0 - Info Disclosure
May 12, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-28936 MEDIUM
Apache OpenMeetings <7.1.0 - Info Disclosure
May 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-25754 CRITICAL
Apache Airflow <2.6.0 - Privilege Escalation
May 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-29247 MEDIUM
Apache Airflow < 2.6.0 - Stored Cross-Site Scripting in Task Instance Details Page
May 08, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-31039 CRITICAL
Apache bRPC < 1.5.0 - Remote Code Execution via ServerOptions pid_file Parameter
May 08, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-31038 HIGH
Apache Log4cxx 0.9.0-1.0.0 - SQL Injection via ODBC Appender
May 08, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-26268 MEDIUM
Apache CouchDB < 3.2.3 - Exposure of Sensitive Information via Shared Javascript Environment in Design Documents
May 02, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-32007 HIGH
Apache Spark UI - Privilege Escalation
May 02, 2023
CVSS 8.8
EPSS 0.92
CVE-2023-22665 MEDIUM
Apache Jena < 4.8.0 - Remote Code Execution via SPARQL Query
Apr 25, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-30776 MEDIUM
Apache Superset 1.3.0-2.0.1 - Authenticated Database Password Exposure via REST API
Apr 24, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-27524 HIGH KEVNUCLEI
Apache Superset Signed Cookie Priv Esc
Apr 24, 2023
CVSS 8.9
EPSS 0.84
CVE-2023-25601 MEDIUM
Apache DolphinScheduler 3.0.0-3.1.1 - Unauthenticated Improper Authentication via Python Gateway
Apr 20, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-27525 LOW
Apache Superset <= 2.0.1 - Authenticated Metadata Exposure via Non-Trivial Methods
Apr 17, 2023
CVSS 3.1
EPSS 0.01
CVE-2023-25504 MEDIUM
Apache Superset <= 2.0.1 - Authenticated Server-Side Request Forgery via Import Dataset Feature
Apr 17, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-30771 CRITICAL
Apache IoTDB Web Workbench 0.13.3 - Incorrect Authorization
Apr 17, 2023
CVSS 9.8
EPSS 0.00
CVE-2023-22946 MEDIUM
Apache Spark < 3.4.0 - Privilege Escalation via Malicious Classpath Configuration
Apr 17, 2023
CVSS 6.4
EPSS 0.00
Products
http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 nifi 46 solr 46 cloudstack 45 cxf 43 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20
Quick Filters
Critical CVEs With Exploits In CISA KEV