apache
3,096 tracked vulnerabilities.
CVE-2019-0229
HIGH
Apache Airflow < 1.10.2 - Cross-Site Request Forgery
Apr 10, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-0216
MEDIUM
Apache Airflow < 1.10.2 - Stored Cross-Site Scripting via Metadata Database Manipulation
Apr 10, 2019
CVSS 4.8
EPSS 0.03
CVE-2019-0199
HIGH
Apache Tomcat 8.5.0-8.5.37 and 9.0.0.M1-9.0.14 - Denial of Service via HTTP/2 Stream Exhaustion
Apr 10, 2019
CVSS 7.5
EPSS 0.73
CVE-2019-0211
HIGH
KEV
Apache HTTP Server 2.4.17-2.4.38 - Use-After-Free in Scoreboard
Apr 08, 2019
CVSS 7.8
EPSS 0.65
CVE-2019-0217
HIGH
Apache HTTP Server < 2.4.38 - Authentication Bypass via Race Condition in mod_auth_digest
Apr 08, 2019
CVSS 7.5
EPSS 0.18
CVE-2019-0215
HIGH
Apache HTTP Server <2.4.39 - Auth Bypass
Apr 08, 2019
CVSS 7.5
EPSS 0.11
CVE-2019-0225
HIGH
Apache JSPWiki 2.9.0-2.11.0.M2 - Path Traversal via Specially Crafted URL
Mar 28, 2019
CVSS 7.5
EPSS 0.10
CVE-2019-0222
HIGH
Apache ActiveMQ <5.15.8 - Info Disclosure
Mar 28, 2019
CVSS 7.5
EPSS 0.12
CVE-2019-0212
HIGH
Apache HBase <2.0.5-2.1.4 - Privilege Escalation
Mar 28, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-0224
MEDIUM
Apache JSPWiki 2.9.0-2.11.0.M2 - Cross-Site Scripting via Crafted URL
Mar 28, 2019
CVSS 6.1
EPSS 0.05
CVE-2019-0204
HIGH
Apache Mesos <1.4.x, 1.4.0-1.4.2, 1.5.0-1.5.2, 1.6.0-1.6.1, 1.7.0-1...
Mar 25, 2019
CVSS 7.8
EPSS 0.03
CVE-2019-0191
MEDIUM
Apache Karaf < 4.2.3 - Path Traversal and Arbitrary File Write via Malicious .kar Archive
Mar 21, 2019
CVSS 6.5
EPSS 0.05
CVE-2019-0192
CRITICAL
NUCLEI
Apache Solr 5.0.0-5.5.5 and 6.0.0-6.6.5 - Remote Code Execution via JMX Config API
Mar 07, 2019
CVSS 9.8
EPSS 0.78
CVE-2019-0200
HIGH
Apache Qpid Broker-J 6.0.0-7.0.6 and 7.1.0 - Unauthenticated Denial of Service via AMQP Protocol Versions Below 1.0
Mar 06, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-0187
CRITICAL
Apache JMeter < 5.1 - Unauthenticated Remote Code Execution via RMI Deserialization
Mar 06, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-5736
HIGH
Docker Container Escape Via runC Overwrite
Feb 11, 2019
CVSS 8.6
EPSS 0.99
CVE-2019-6111
MEDIUM
OpenSSH < 7.9 - Arbitrary File Write via Malicious SCP Server
Jan 31, 2019
CVSS 5.9
EPSS 0.58
CVE-2019-0190
HIGH
Apache HTTP Server 2.4.37 - Denial of Service via mod_ssl Client Renegotiation
Jan 30, 2019
CVSS 7.5
EPSS 0.60
CVE-2018-9481
MEDIUM
Android - Remote Information Disclosure via Integer Overflow in bta_hd_set_report_act
Nov 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2018-11764
HIGH
Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, 3.0.0 - Authenticated User Impersonation via Broken Web Endpoint Authentication
Oct 21, 2020
CVSS 8.8
EPSS 0.02
CVE-2018-20243
HIGH
Apache Fineract 1.0.0-1.2.9 - Credential Exposure via URL Parameters
Oct 13, 2020
CVSS 7.5
EPSS 0.03
CVE-2018-11765
HIGH
Apache Hadoop 2.8.0-2.8.5, 2.9.0-2.9.2, 3.0.0-alpha2-3.0.0 - Unauthenticated Servlet Access via Kerberos Bypass
Sep 30, 2020
CVSS 7.5
EPSS 0.05
CVE-2018-21234
CRITICAL
jodd < 5.0.4 - Deserialization of Untrusted Data via JSON setClassMetadataName
May 21, 2020
CVSS 9.8
EPSS 0.08
CVE-2018-1285
CRITICAL
Apache log4net < 2.0.10 - XML External Entity Injection in Configuration Parser
May 11, 2020
CVSS 9.8
EPSS 0.18
CVE-2018-11802
MEDIUM
Apache Solr < 6.6.6 and 7.0.0-7.7.0 - Incorrect Authorization via Collection Proxy Request
Apr 01, 2020
CVSS 4.3
EPSS 0.02
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters