apache

2,904 tracked vulnerabilities.

CVE-2019-0194 HIGH
Apache Camel 2.0.0-2.19.0 and 2.21.0-2.21.4 - Path Traversal
Apr 30, 2019
CVSS 7.5
EPSS 0.02
CVE-2019-0186 MEDIUM
Apache Pluto Chat Room Demo 3.0.0-3.0.1 - Cross-Site Scripting
Apr 26, 2019
CVSS 6.1
EPSS 0.06
CVE-2019-2684 MEDIUM
Oracle JDK and JRE - Unauthenticated Data Manipulation via RMI
Apr 23, 2019
CVSS 5.9
EPSS 0.01
CVE-2019-0223 HIGH
Apache Qpid 0.9-0.27.0 - Unauthenticated TLS Peer Certificate Verification Bypass
Apr 23, 2019
CVSS 7.4
EPSS 0.00
CVE-2019-0218 MEDIUM
Apache Pony Mail 0.8-0.9 - Reflected Cross-Site Scripting via Crafted URL
Apr 22, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-10241 MEDIUM
Eclipse Jetty <= 9.2.26, <= 9.3.25, <= 9.4.15 - Cross-Site Scripting via Directory Listing
Apr 22, 2019
CVSS 6.1
EPSS 0.10
CVE-2019-0228 CRITICAL
Apache PDFBox 2.0.14 - XML External Entity Injection via XFDF
Apr 17, 2019
CVSS 9.8
EPSS 0.13
CVE-2019-0232 HIGH NUCLEI
Apache Tomcat 7.0.0-7.0.93, 8.5.0-8.5.39, 9.0.0.M1-9.0.17 - Remote Code Execution via CGI Servlet
Apr 15, 2019
CVSS 8.1
EPSS 0.94
CVE-2019-0229 HIGH
Apache Airflow < 1.10.2 - Cross-Site Request Forgery
Apr 10, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-0216 MEDIUM
Apache Airflow < 1.10.2 - Stored Cross-Site Scripting via Metadata Database Manipulation
Apr 10, 2019
CVSS 4.8
EPSS 0.01
CVE-2019-0199 HIGH
Apache Tomcat 8.5.0-8.5.37 and 9.0.0.M1-9.0.14 - Denial of Service via HTTP/2 Stream Exhaustion
Apr 10, 2019
CVSS 7.5
EPSS 0.66
CVE-2019-0211 HIGH KEV
Apache HTTP Server 2.4.17-2.4.38 - Use-After-Free in Scoreboard
Apr 08, 2019
CVSS 7.8
EPSS 0.90
CVE-2019-0217 HIGH
Apache HTTP Server < 2.4.38 - Authentication Bypass via Race Condition in mod_auth_digest
Apr 08, 2019
CVSS 7.5
EPSS 0.43
CVE-2019-0215 HIGH
Apache HTTP Server <2.4.39 - Auth Bypass
Apr 08, 2019
CVSS 7.5
EPSS 0.06
CVE-2019-0225 HIGH
Apache JSPWiki 2.9.0-2.11.0.M2 - Path Traversal via Specially Crafted URL
Mar 28, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-0222 HIGH
Apache ActiveMQ <5.15.8 - Info Disclosure
Mar 28, 2019
CVSS 7.5
EPSS 0.09
CVE-2019-0212 HIGH
Apache HBase <2.0.5-2.1.4 - Privilege Escalation
Mar 28, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-0224 MEDIUM
Apache JSPWiki 2.9.0-2.11.0.M2 - Cross-Site Scripting via Crafted URL
Mar 28, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-0204 HIGH
Apache Mesos <1.4.x, 1.4.0-1.4.2, 1.5.0-1.5.2, 1.6.0-1.6.1, 1.7.0-1...
Mar 25, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-0191 MEDIUM
Apache Karaf < 4.2.3 - Path Traversal and Arbitrary File Write via Malicious .kar Archive
Mar 21, 2019
CVSS 6.5
EPSS 0.04
CVE-2019-0192 CRITICAL NUCLEI
Apache Solr 5.0.0-5.5.5 and 6.0.0-6.6.5 - Remote Code Execution via JMX Config API
Mar 07, 2019
CVSS 9.8
EPSS 0.94
CVE-2019-0200 HIGH
Apache Qpid Broker-J 6.0.0-7.0.6 and 7.1.0 - Unauthenticated Denial of Service via AMQP Protocol Versions Below 1.0
Mar 06, 2019
CVSS 7.5
EPSS 0.03
CVE-2019-0187 CRITICAL
Apache JMeter < 5.1 - Unauthenticated Remote Code Execution via RMI Deserialization
Mar 06, 2019
CVSS 9.8
EPSS 0.01
CVE-2019-5736 HIGH
Docker Container Escape Via runC Overwrite
Feb 11, 2019
CVSS 8.6
EPSS 0.59
CVE-2019-6111 MEDIUM
OpenSSH < 7.9 - Arbitrary File Write via Malicious SCP Server
Jan 31, 2019
CVSS 5.9
EPSS 0.54
Products
http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20
Quick Filters
Critical CVEs With Exploits In CISA KEV