Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,904 tracked vulnerabilities.

CVE-2018-17195 HIGH

Apache NiFi 1.0.0-1.7.1 - Cross-Site Request Forgery via Template Upload API

CVE-2018-17194 HIGH

Apache NiFi 1.0.0-1.7.1 - Denial of Service via DELETE Request Content-Length Handling

CVE-2018-17193 MEDIUM

Apache NiFi 1.0.0-1.7.1 - Reflected Cross-Site Scripting via X-ProxyContextPath Header

CVE-2018-17192 MEDIUM

Apache NiFi <1.8.0 - Info Disclosure

CVE-2018-8033 HIGH NUCLEI

Apache OFBiz 16.11.01-16.11.04 - Info Disclosure

CVE-2018-11766 HIGH

Apache Hadoop <2.7.7 - Privilege Escalation

CVE-2018-17190 CRITICAL

Apache Spark - Unauthenticated Remote Code Execution via Master Host

CVE-2018-8009 HIGH

Apache Hadoop Path Traversal via Zip Slip

CVE-2018-17187 HIGH

Apache Qpid Proton-J 0.3-0.29.0 - Improper Certificate Validation in TLS Transport Wrapper

CVE-2018-1314 MEDIUM

Apache Hive < 2.3.3 and 3.1.0 - Missing Authorization for EXPLAIN Operation

CVE-2018-11777 HIGH

Apache Hive <2.3.3, <3.1.0 - Info Disclosure

CVE-2018-8021 CRITICAL

Apache Superset < 0.23 - Remote Code Execution via Pickle Deserialization

CVE-2018-17186 HIGH

Apache Syncope - XML External Entity Injection

CVE-2018-17184 MEDIUM

Apache Syncope - Stored Cross-Site Scripting

CVE-2018-11759 HIGH NUCLEI

Apache Tomcat JK Connector 1.2.0-1.2.44 - Path Traversal via Request Path Normalization

CVE-2018-11792 CRITICAL

Apache Impala < 3.0.1 - Incorrect Permission Assignment for Critical Resource

CVE-2018-11785 MEDIUM

Apache Impala < 3.0.1 - Missing Authorization Check

CVE-2018-11804 HIGH

Apache Spark 1.3.0-2.2.3 - Information Disclosure via Zinc Server

CVE-2018-8006 MEDIUM NUCLEI

Apache ActiveMQ 5.0.0-5.15.5 - Cross-Site Scripting via QueueFilter Parameter

CVE-2018-11796 HIGH

Apache Tika 0.1-1.19 - XML External Entity Injection via SAXParser Reset

CVE-2018-11797 MEDIUM

Apache PDFBox 1.8.0-1.8.15 and 2.0.0RC1-2.0.11 - Denial of Service via Page Tree Parsing

CVE-2018-11778 HIGH

Apache Ranger < 1.2.0 - Stack-based Buffer Overflow in UnixAuthenticationService

CVE-2018-11784 MEDIUM NUCLEI

Apache Tomcat 7.0.23-7.0.90, 8.5.0-8.5.33, 9.0.0.M1-9.0.11 - Open Redirect via Default Servlet

CVE-2018-11763 MEDIUM

Apache HTTP Server 2.4.17-2.4.34 - DoS

CVE-2018-14889 HIGH

CouchDB - Local Code Execution

Previous Page 70 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy