apache

3,096 tracked vulnerabilities.

CVE-2019-0229 HIGH
Apache Airflow < 1.10.2 - Cross-Site Request Forgery
Apr 10, 2019
CVSS 8.8
EPSS 0.02
CVE-2019-0216 MEDIUM
Apache Airflow < 1.10.2 - Stored Cross-Site Scripting via Metadata Database Manipulation
Apr 10, 2019
CVSS 4.8
EPSS 0.03
CVE-2019-0199 HIGH
Apache Tomcat 8.5.0-8.5.37 and 9.0.0.M1-9.0.14 - Denial of Service via HTTP/2 Stream Exhaustion
Apr 10, 2019
CVSS 7.5
EPSS 0.73
CVE-2019-0211 HIGH KEV
Apache HTTP Server 2.4.17-2.4.38 - Use-After-Free in Scoreboard
Apr 08, 2019
CVSS 7.8
EPSS 0.65
CVE-2019-0217 HIGH
Apache HTTP Server < 2.4.38 - Authentication Bypass via Race Condition in mod_auth_digest
Apr 08, 2019
CVSS 7.5
EPSS 0.18
CVE-2019-0215 HIGH
Apache HTTP Server <2.4.39 - Auth Bypass
Apr 08, 2019
CVSS 7.5
EPSS 0.11
CVE-2019-0225 HIGH
Apache JSPWiki 2.9.0-2.11.0.M2 - Path Traversal via Specially Crafted URL
Mar 28, 2019
CVSS 7.5
EPSS 0.10
CVE-2019-0222 HIGH
Apache ActiveMQ <5.15.8 - Info Disclosure
Mar 28, 2019
CVSS 7.5
EPSS 0.12
CVE-2019-0212 HIGH
Apache HBase <2.0.5-2.1.4 - Privilege Escalation
Mar 28, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-0224 MEDIUM
Apache JSPWiki 2.9.0-2.11.0.M2 - Cross-Site Scripting via Crafted URL
Mar 28, 2019
CVSS 6.1
EPSS 0.05
CVE-2019-0204 HIGH
Apache Mesos <1.4.x, 1.4.0-1.4.2, 1.5.0-1.5.2, 1.6.0-1.6.1, 1.7.0-1...
Mar 25, 2019
CVSS 7.8
EPSS 0.03
CVE-2019-0191 MEDIUM
Apache Karaf < 4.2.3 - Path Traversal and Arbitrary File Write via Malicious .kar Archive
Mar 21, 2019
CVSS 6.5
EPSS 0.05
CVE-2019-0192 CRITICAL NUCLEI
Apache Solr 5.0.0-5.5.5 and 6.0.0-6.6.5 - Remote Code Execution via JMX Config API
Mar 07, 2019
CVSS 9.8
EPSS 0.78
CVE-2019-0200 HIGH
Apache Qpid Broker-J 6.0.0-7.0.6 and 7.1.0 - Unauthenticated Denial of Service via AMQP Protocol Versions Below 1.0
Mar 06, 2019
CVSS 7.5
EPSS 0.04
CVE-2019-0187 CRITICAL
Apache JMeter < 5.1 - Unauthenticated Remote Code Execution via RMI Deserialization
Mar 06, 2019
CVSS 9.8
EPSS 0.03
CVE-2019-5736 HIGH
Docker Container Escape Via runC Overwrite
Feb 11, 2019
CVSS 8.6
EPSS 0.99
CVE-2019-6111 MEDIUM
OpenSSH < 7.9 - Arbitrary File Write via Malicious SCP Server
Jan 31, 2019
CVSS 5.9
EPSS 0.58
CVE-2019-0190 HIGH
Apache HTTP Server 2.4.37 - Denial of Service via mod_ssl Client Renegotiation
Jan 30, 2019
CVSS 7.5
EPSS 0.60
CVE-2018-9481 MEDIUM
Android - Remote Information Disclosure via Integer Overflow in bta_hd_set_report_act
Nov 20, 2024
CVSS 6.5
EPSS 0.00
CVE-2018-11764 HIGH
Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, 3.0.0 - Authenticated User Impersonation via Broken Web Endpoint Authentication
Oct 21, 2020
CVSS 8.8
EPSS 0.02
CVE-2018-20243 HIGH
Apache Fineract 1.0.0-1.2.9 - Credential Exposure via URL Parameters
Oct 13, 2020
CVSS 7.5
EPSS 0.03
CVE-2018-11765 HIGH
Apache Hadoop 2.8.0-2.8.5, 2.9.0-2.9.2, 3.0.0-alpha2-3.0.0 - Unauthenticated Servlet Access via Kerberos Bypass
Sep 30, 2020
CVSS 7.5
EPSS 0.05
CVE-2018-21234 CRITICAL
jodd < 5.0.4 - Deserialization of Untrusted Data via JSON setClassMetadataName
May 21, 2020
CVSS 9.8
EPSS 0.08
CVE-2018-1285 CRITICAL
Apache log4net < 2.0.10 - XML External Entity Injection in Configuration Parser
May 11, 2020
CVSS 9.8
EPSS 0.18
CVE-2018-11802 MEDIUM
Apache Solr < 6.6.6 and 7.0.0-7.7.0 - Incorrect Authorization via Collection Proxy Request
Apr 01, 2020
CVSS 4.3
EPSS 0.02