Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,904 tracked vulnerabilities.

CVE-2019-10080 MEDIUM

Apache NiFi 1.3.0-1.9.2 - XML External Entity Injection in XMLFileLookupService

CVE-2019-12422 HIGH

Apache Shiro <1.4.2 - Info Disclosure

CVE-2019-12409 CRITICAL

Apache Solr 8.1.1-8.2.0 - Unauthenticated Remote Code Execution via Insecure JMX Configuration

CVE-2019-10070 MEDIUM

Apache Atlas 0.8.3 and 1.1.0 - Stored Cross-Site Scripting in Search Functionality

CVE-2019-10172 HIGH

org.codehaus.jackson:jackson-mapper-asl:1.9.x - XXE

CVE-2019-12410 HIGH

Apache Arrow <0.14.1 - Memory Corruption

CVE-2019-12408 HIGH

Apache Arrow <0.14.1 - Memory Corruption

CVE-2019-12419 CRITICAL

Oracle Retail Order Broker - Incorrect Authorization in OpenId Connect Access Token Service

CVE-2019-12406 MEDIUM

Apache CXF < 3.2.11 - Denial of Service via Unrestricted Message Attachments

CVE-2019-10084 HIGH

Apache Impala 2.7.0-3.2.0 - Auth Bypass

CVE-2019-12417 MEDIUM

Apache Airflow < 1.10.5 - Authenticated Stored Cross-Site Scripting and Local File Disclosure

CVE-2019-0210 HIGH

Apache Thrift 0.9.3-0.12.0 - Out-of-bounds Read via Invalid JSON Input

CVE-2019-0205 HIGH

Apache Thrift <= 0.12.0 - Denial of Service via Infinite Loop

CVE-2019-12415 MEDIUM

Apache POI < 4.1.0 - XML External Entity Injection via XSSFExportToXml

CVE-2019-10079 HIGH

Apache Traffic Server <7.1.7-8.0.4 - DoS

CVE-2019-17195 CRITICAL

Connect2id Nimbus JOSE+JWT < 7.9 - Denial of Service and Authentication Bypass via JWT Parsing

CVE-2019-17359 HIGH

Bouncycastle Bc-java < 3.0.2.1 - Resource Allocation Without Limits

CVE-2019-0231 HIGH

Apache MINA < 2.0.21 and 2.1.0 - Cleartext Transmission of Sensitive Information via SSL/TLS Connection Handling

CVE-2019-10097 HIGH

Apache HTTP Server 2.4.32-2.4.39 - Buffer Overflow

CVE-2019-10092 MEDIUM NUCLEI

Apache HTTP Server 2.4.0-2.4.39 - Cross-Site Scripting in mod_proxy Error Page

CVE-2019-10082 CRITICAL

Apache HTTP Server <2.4.40 - Use After Free

CVE-2019-0203 HIGH

Apache Subversion <= 1.9.10, 1.10.4, 1.12.0 - Denial of Service via Protocol Command Sequence

CVE-2019-10098 MEDIUM NUCLEI

Apache HTTP Server 2.4.0-2.4.39 - Open Redirect via Encoded Newlines in mod_rewrite

CVE-2019-12407 MEDIUM

Apache JSPWiki < 2.11.0.M5 - Cross-Site Scripting via Remember Parameter

CVE-2019-10090 MEDIUM

Apache JSPWiki < 2.11.0.M5 - Cross-Site Scripting via Plugin Link Invocation

Previous Page 64 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy