apache
3,096 tracked vulnerabilities.
CVE-2019-0189
CRITICAL
Apache OFBiz 16.11.01-16.11.05 - Remote Code Execution via HttpEngine ServiceContext Deserialization
Sep 11, 2019
CVSS 9.8
EPSS 0.24
CVE-2019-12401
HIGH
Apache Solr 1.3.0-1.4.1, 3.1.0-3.6.2, 4.0.0-4.10.4 - XML Entity Expansion via Update Handler
Sep 10, 2019
CVSS 7.5
EPSS 0.08
CVE-2019-12405
CRITICAL
Apache Traffic Control <3.0.1 - Auth Bypass
Sep 09, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-12402
HIGH
Apache Commons Compress <1.19 - DoS
Aug 30, 2019
CVSS 7.5
EPSS 0.16
CVE-2019-15752
HIGH
KEV
Docker Desktop Community Edition < 2.1.0.1 - Privilege Escalation via Trojan Horse docker-credential-wincred.exe
Aug 28, 2019
CVSS 7.8
EPSS 0.30
CVE-2019-15544
HIGH
rust-protobuf < 1.7.5 and protobuf < 2.6.0 - Denial of Service via Vec::reserve Memory Exhaustion
Aug 26, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-12400
MEDIUM
Apache Santuario XML Security for Java <2.0.3 - Info Disclosure
Aug 23, 2019
CVSS 5.5
EPSS 0.01
CVE-2019-10086
HIGH
Apache Commons Beanutils 1.9.2 - Info Disclosure
Aug 20, 2019
CVSS 7.3
EPSS 0.29
CVE-2019-10081
HIGH
Apache HTTP Server 2.4.20-2.4.39 - Out-of-bounds Write via H2PushResource
Aug 15, 2019
CVSS 7.5
EPSS 0.15
CVE-2019-9518
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.25
CVE-2019-9517
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.27
CVE-2019-9516
MEDIUM
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak
Aug 13, 2019
CVSS 6.5
EPSS 0.56
CVE-2019-9515
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.88
CVE-2019-9514
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9513
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.82
CVE-2019-9512
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9511
HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.58
CVE-2019-12397
MEDIUM
Apache Ranger 0.7.0-1.2.0 - Cross-Site Scripting in Policy Import Functionality
Aug 08, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-10099
HIGH
Apache Spark < 1.6.3 and 2.0.0-2.3.2 - Cleartext Storage of Sensitive Information
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10094
HIGH
Apache Tika 1.7-1.21 - Denial of Service via RecursiveParserWrapper
Aug 02, 2019
CVSS 7.8
EPSS 0.02
CVE-2019-10093
MEDIUM
Apache Tika 1.19-1.21 - Denial of Service via Crafted 2003ml or 2006ml File
Aug 02, 2019
CVSS 6.5
EPSS 0.04
CVE-2019-10088
HIGH
Apache Tika <1.22 - Memory Corruption
Aug 02, 2019
CVSS 8.8
EPSS 0.05
CVE-2019-0193
HIGH
KEVNUCLEI
Apache Solr < 7.7.3 and 8.0.0-8.1.1 - Remote Code Execution via DataImportHandler dataConfig Parameter
Aug 01, 2019
CVSS 7.2
EPSS 0.84
CVE-2019-14439
HIGH
FasterXML jackson-databind <2.9.9.2 - Info Disclosure
Jul 30, 2019
CVSS 7.5
EPSS 0.11
CVE-2019-13990
CRITICAL
Terracotta Quartz Scheduler <2.3.0 - SSRF
Jul 26, 2019
CVSS 9.8
EPSS 0.16
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters