Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,902 tracked vulnerabilities.

CVE-2020-17526 HIGH NUCLEI

Apache Airflow Webserver <1.10.14 - Info Disclosure

CVE-2020-17520 MEDIUM

Pulsar manager <0.1.0 - Auth Bypass

CVE-2020-11974 CRITICAL

Apache DolphinScheduler 1.2.0-1.2.1 - Remote Code Execution via MySQL ConnectorJ

CVE-2020-28052 HIGH

Legion of the Bouncy Castle BC Java <1.67 - Info Disclosure

CVE-2020-13931 CRITICAL

Apache TomEE <8.0.4 - Unauthenticated RCE

CVE-2020-26259 MEDIUM

XStream <1.4.15 - File Deletion

CVE-2020-26258 MEDIUM NUCLEI

XStream <1.4.15 - Server-Side Request Forgery via XML Unmarshalling

CVE-2020-17513 MEDIUM

Apache Airflow < 1.10.13 - Server-Side Request Forgery via Charts and Query View

CVE-2020-17511 MEDIUM

Apache Airflow < 1.10.13 - Cleartext Storage of Sensitive Information in Log Table

CVE-2020-17515 MEDIUM

Apache Airflow < 1.10.15 - Cross-Site Scripting via Origin Parameter

CVE-2020-17530 CRITICAL KEVNUCLEI

Apache Struts 2 Forced Multi OGNL Evaluation

CVE-2020-17529 CRITICAL

Apache NuttX <9.1.0, 10.0.0 - Memory Corruption

CVE-2020-17528 CRITICAL

Apache NuttX <10.0.0 - Memory Corruption

CVE-2020-17531 CRITICAL

Apache Tapestry 4 - Deserialization

CVE-2020-17521 MEDIUM

Apache Groovy <4.0.0 - Info Disclosure

CVE-2020-13945 MEDIUM NUCLEI

Apache APISIX <1.6 - Privilege Escalation

CVE-2020-17527 HIGH

Apache Tomcat <10.0.0-M9, 9.0.39, 8.5.59 - Info Disclosure

CVE-2020-25649 HIGH

jackson-databind 2.6.0-2.6.7.3 - XML External Entity Injection

CVE-2020-13956 MEDIUM

Apache HttpClient <4.5.13, 5.0.3 - SSRF

CVE-2020-11990 LOW

Cordova (Android) - Info Disclosure

CVE-2020-27218 MEDIUM

Eclipse Jetty 9.4.0-9.4.34 - Sensitive Information Exposure via GZIP Request Body Reuse

CVE-2020-13942 CRITICAL NUCLEI

Apache Unomi 1.5.0-1.5.1 - Unauthenticated Remote Code Execution via /context.json Endpoint

CVE-2020-13958 HIGH

Apache OpenOffice 4.0.0-4.1.7 - Unauthenticated Arbitrary Executable Execution via Hyperlink in Scripting Events

CVE-2020-26217 HIGH NUCLEI

XStream < 1.4.14 - Remote Code Execution via Blocklist Bypass

CVE-2020-13954 MEDIUM

Apache CXF < 3.3.8 - Reflected Cross-Site Scripting via styleSheetPath

Previous Page 57 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy