Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,904 tracked vulnerabilities.

CVE-2019-12404 MEDIUM

Apache JSPWiki < 2.11.0.M5 - Cross-Site Scripting via Plugin Link Invocation

CVE-2019-10089 MEDIUM

Apache JSPWiki < 2.11.0.M5 - Cross-Site Scripting via WYSIWYG Editor Plugin Link

CVE-2019-10087 MEDIUM

Apache JSPWiki < 2.11.0.M5 - Cross-Site Scripting via Plugin Link Invocation

CVE-2019-10071 CRITICAL

Apache Tapestry - Timing Side Channel in HMAC Verification

CVE-2019-0207 HIGH

Apache Tapestry 5.4.0-5.4.4 and tapestry-core 5.4.0-5.4.5 - Path Traversal via Backslash Character

CVE-2019-0195 CRITICAL

Apache Tapestry 5.4.0-5.4.2 and 5.4.0-5.4.4 - Remote Code Execution via Classpath Asset File URL Manipulation

CVE-2019-10074 CRITICAL

Apache OFBiz 16.11.01-16.11.04 - Remote Code Execution via Freemarker Markup in Form Widget Textarea

CVE-2019-10073 MEDIUM

Apache OFBiz 16.11.01-16.11.05 - Stored Cross-Site Scripting in ecommerce Template Screens

CVE-2019-0189 CRITICAL

Apache OFBiz 16.11.01-16.11.05 - Remote Code Execution via HttpEngine ServiceContext Deserialization

CVE-2019-12401 HIGH

Apache Solr 1.3.0-1.4.1, 3.1.0-3.6.2, 4.0.0-4.10.4 - XML Entity Expansion via Update Handler

CVE-2019-12405 CRITICAL

Apache Traffic Control <3.0.1 - Auth Bypass

CVE-2019-12402 HIGH

Apache Commons Compress <1.19 - DoS

CVE-2019-15752 HIGH KEV

Docker Desktop Community Edition < 2.1.0.1 - Privilege Escalation via Trojan Horse docker-credential-wincred.exe

CVE-2019-15544 HIGH

rust-protobuf < 1.7.5 and protobuf < 2.6.0 - Denial of Service via Vec::reserve Memory Exhaustion

CVE-2019-12400 MEDIUM

Apache Santuario XML Security for Java <2.0.3 - Info Disclosure

CVE-2019-10086 HIGH

Apache Commons Beanutils 1.9.2 - Info Disclosure

CVE-2019-10081 HIGH

Apache HTTP Server 2.4.20-2.4.39 - Out-of-bounds Write via H2PushResource

CVE-2019-9518 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood

CVE-2019-9517 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation

CVE-2019-9516 MEDIUM

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak

CVE-2019-9515 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood

CVE-2019-9514 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood

CVE-2019-9513 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation

CVE-2019-9512 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood

CVE-2019-9511 HIGH

SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation

Previous Page 65 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy