apache

3,096 tracked vulnerabilities.

CVE-2019-0189 CRITICAL
Apache OFBiz 16.11.01-16.11.05 - Remote Code Execution via HttpEngine ServiceContext Deserialization
Sep 11, 2019
CVSS 9.8
EPSS 0.24
CVE-2019-12401 HIGH
Apache Solr 1.3.0-1.4.1, 3.1.0-3.6.2, 4.0.0-4.10.4 - XML Entity Expansion via Update Handler
Sep 10, 2019
CVSS 7.5
EPSS 0.08
CVE-2019-12405 CRITICAL
Apache Traffic Control <3.0.1 - Auth Bypass
Sep 09, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-12402 HIGH
Apache Commons Compress <1.19 - DoS
Aug 30, 2019
CVSS 7.5
EPSS 0.16
CVE-2019-15752 HIGH KEV
Docker Desktop Community Edition < 2.1.0.1 - Privilege Escalation via Trojan Horse docker-credential-wincred.exe
Aug 28, 2019
CVSS 7.8
EPSS 0.30
CVE-2019-15544 HIGH
rust-protobuf < 1.7.5 and protobuf < 2.6.0 - Denial of Service via Vec::reserve Memory Exhaustion
Aug 26, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-12400 MEDIUM
Apache Santuario XML Security for Java <2.0.3 - Info Disclosure
Aug 23, 2019
CVSS 5.5
EPSS 0.01
CVE-2019-10086 HIGH
Apache Commons Beanutils 1.9.2 - Info Disclosure
Aug 20, 2019
CVSS 7.3
EPSS 0.29
CVE-2019-10081 HIGH
Apache HTTP Server 2.4.20-2.4.39 - Out-of-bounds Write via H2PushResource
Aug 15, 2019
CVSS 7.5
EPSS 0.15
CVE-2019-9518 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Empty Frame Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.25
CVE-2019-9517 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.27
CVE-2019-9516 MEDIUM
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Header Leak
Aug 13, 2019
CVSS 6.5
EPSS 0.56
CVE-2019-9515 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Settings Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.88
CVE-2019-9514 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Reset Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9513 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Priority Tree Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.82
CVE-2019-9512 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Ping Flood
Aug 13, 2019
CVSS 7.5
EPSS 0.83
CVE-2019-9511 HIGH
SwiftNIO 1.0.0-1.3.9 - Denial of Service via HTTP/2 Window Size Manipulation
Aug 13, 2019
CVSS 7.5
EPSS 0.58
CVE-2019-12397 MEDIUM
Apache Ranger 0.7.0-1.2.0 - Cross-Site Scripting in Policy Import Functionality
Aug 08, 2019
CVSS 6.1
EPSS 0.03
CVE-2019-10099 HIGH
Apache Spark < 1.6.3 and 2.0.0-2.3.2 - Cleartext Storage of Sensitive Information
Aug 07, 2019
CVSS 7.5
EPSS 0.01
CVE-2019-10094 HIGH
Apache Tika 1.7-1.21 - Denial of Service via RecursiveParserWrapper
Aug 02, 2019
CVSS 7.8
EPSS 0.02
CVE-2019-10093 MEDIUM
Apache Tika 1.19-1.21 - Denial of Service via Crafted 2003ml or 2006ml File
Aug 02, 2019
CVSS 6.5
EPSS 0.04
CVE-2019-10088 HIGH
Apache Tika <1.22 - Memory Corruption
Aug 02, 2019
CVSS 8.8
EPSS 0.05
CVE-2019-0193 HIGH KEVNUCLEI
Apache Solr < 7.7.3 and 8.0.0-8.1.1 - Remote Code Execution via DataImportHandler dataConfig Parameter
Aug 01, 2019
CVSS 7.2
EPSS 0.84
CVE-2019-14439 HIGH
FasterXML jackson-databind <2.9.9.2 - Info Disclosure
Jul 30, 2019
CVSS 7.5
EPSS 0.11
CVE-2019-13990 CRITICAL
Terracotta Quartz Scheduler <2.3.0 - SSRF
Jul 26, 2019
CVSS 9.8
EPSS 0.16