Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,902 tracked vulnerabilities.

CVE-2021-42357 MEDIUM

Apache Knox < 1.6.1 - Open Redirect via Crafted Request Parameter

CVE-2021-43999 HIGH

Apache Guacamole <1.3.0 - Privilege Escalation

CVE-2021-41767 MEDIUM

Apache Guacamole < 1.3.0 - Authenticated Exposure of Sensitive Information via REST Response

CVE-2021-43297 CRITICAL

Apache Dubbo <2.6.12, <2.7.15, <3.0 - Code Injection

CVE-2021-43045 HIGH

Apache Avro < 1.11.0 - Denial of Service via Resource Allocation

CVE-2021-45458 HIGH

Apache Kylin <2.6.6, <3.1.2 - Info Disclosure

CVE-2021-45457 HIGH

Apache Kylin 2.0.0-2.6.6, 3.0.0-3.1.2, 4.0.0 - Incorrect Authorization via Cross-Origin Request Handling

CVE-2021-45456 CRITICAL

Apache Kylin 4.0.0 - Command Injection via Project Name Parameter

CVE-2021-36774 MEDIUM

Apache Kylin 2.0.0-2.6.6 and 3.0.0-3.1.2 - Remote Code Execution via MySQL JDBC Driver Properties

CVE-2021-31522 CRITICAL

Apache Kylin <2.6.6, <3.1.2, <4.0.0 - RCE

CVE-2021-27738 HIGH

Apache Kylin <3.1.2 - Coordinator API Access and Server-Side Request Forgery

CVE-2021-36739 MEDIUM

Apache Pluto 3.1.0 - Cross-Site Scripting in MVCBean JSP Portlet Archetype

CVE-2021-36738 MEDIUM

Apache Pluto < 3.1.1 - Cross-Site Scripting in Applicant MVCBean CDI Portlet

CVE-2021-36737 MEDIUM

Apache Pluto < 3.1.1 - Cross-Site Scripting in UrlTestPortlet Input Fields

CVE-2021-40525 CRITICAL

Apache James <3.6.1 - Path Traversal

CVE-2021-40111 MEDIUM

Apache James < 3.6.1 - Authenticated Denial of Service via Crafted IMAP APPEND and STATUS Commands

CVE-2021-40110 HIGH

Apache James < 3.6.1 - Denial of Service via IMAP LIST Command Regular Expression

CVE-2021-38542 MEDIUM

Apache James <3.6.1 - Command Injection

CVE-2021-34797 HIGH

Apache Geode < 1.12.4 and 1.13.4 - Sensitive Information Exposure in Log Files

CVE-2021-44832 MEDIUM

Apache Log4j 2.0-beta7-2.17.0 - Remote Code Execution via JDBC Appender JNDI LDAP Data Source

CVE-2021-45232 CRITICAL NUCLEI

Apache APISIX Dashboard < 2.10.1 - Unauthenticated API Access via Gin Framework Bypass

CVE-2021-44548 CRITICAL

Apache Solr < 8.11.1 - Path Traversal via DataImportHandler Windows UNC Path

CVE-2021-44790 CRITICAL

Apache HTTP Server < 2.4.52 - Buffer Overflow in mod_lua Multipart Parser

CVE-2021-44224 HIGH

Apache HTTP Server 2.4.7-2.4.51 - NULL Pointer Dereference and Server-Side Request Forgery via Forward Proxy

CVE-2021-41561 HIGH

Apache Parquet-MR 1.9.0-1.11.1 and 1.12.0 - Denial of Service via Malicious Parquet File

Previous Page 48 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy