apache
3,096 tracked vulnerabilities.
CVE-2018-1340
HIGH
Apache Guacamole < 1.0.0 - Unauthenticated Session Token Exposure via Insecure Cookie
Feb 07, 2019
CVSS 7.5
EPSS 0.02
CVE-2018-1296
HIGH
Apache Hadoop 2.5.0-2.7.5 and 2.8.0-2.8.3 - Unauthorized Exposure of Extended Attributes
Feb 07, 2019
CVSS 7.5
EPSS 0.03
CVE-2018-11803
HIGH
Subversion's mod_dav_svn <1.11.0-1.10.3 - Use After Free
Feb 05, 2019
CVSS 7.5
EPSS 0.58
CVE-2018-11760
MEDIUM
PySpark <2.3.1 - Privilege Escalation
Feb 04, 2019
CVSS 5.5
EPSS 0.01
CVE-2018-11790
HIGH
Apache Open Office <4.1.5 - Memory Corruption
Jan 31, 2019
CVSS 7.8
EPSS 0.01
CVE-2018-17199
HIGH
Apache HTTP Server <2.4.38 - Info Disclosure
Jan 30, 2019
CVSS 7.5
EPSS 0.20
CVE-2018-17189
MEDIUM
Apache HTTP Server <= 2.4.37 - Denial of Service via Slow Loris HTTP/2 Request
Jan 30, 2019
CVSS 5.3
EPSS 0.19
CVE-2018-20245
HIGH
Apache Airflow <1.10.1 - Info Disclosure
Jan 23, 2019
CVSS 7.5
EPSS 0.01
CVE-2018-1000421
MEDIUM
Jenkins Mesos Plugin <0.17.1 - Auth Bypass
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1000420
MEDIUM
Jenkins Mesos Plugin <0.17.1 - Auth Bypass
Jan 09, 2019
CVSS 6.5
EPSS 0.01
CVE-2018-1320
HIGH
Apache Thrift 0.5.0-0.11.0 - Improper Certificate Validation in SASL Negotiation
Jan 07, 2019
CVSS 7.5
EPSS 0.08
CVE-2018-11798
MEDIUM
Apache Thrift Node.js <0.11.0 - Path Traversal
Jan 07, 2019
CVSS 6.5
EPSS 0.05
CVE-2018-11788
CRITICAL
Apache Karaf < 4.1.7 and 4.2.0-4.2.2 - XML External Entity Injection via Features XML Deployer
Jan 07, 2019
CVSS 9.8
EPSS 0.07
CVE-2018-17188
HIGH
CouchDB <2.3.0 - Privilege Escalation
Jan 02, 2019
CVSS 7.2
EPSS 0.03
CVE-2018-17191
CRITICAL
Apache NetBeans (incubating) 9.0 - RCE
Dec 31, 2018
CVSS 9.8
EPSS 0.08
CVE-2018-17197
MEDIUM
Apache Tika <1.19.1 - Info Disclosure
Dec 24, 2018
CVSS 6.5
EPSS 0.06
CVE-2018-11799
MEDIUM
Apache Oozie <5.0.0 - Privilege Escalation
Dec 19, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-17195
HIGH
Apache NiFi 1.0.0-1.7.1 - Cross-Site Request Forgery via Template Upload API
Dec 19, 2018
CVSS 7.5
EPSS 0.01
CVE-2018-17194
HIGH
Apache NiFi 1.0.0-1.7.1 - Denial of Service via DELETE Request Content-Length Handling
Dec 19, 2018
CVSS 7.5
EPSS 0.03
CVE-2018-17193
MEDIUM
Apache NiFi 1.0.0-1.7.1 - Reflected Cross-Site Scripting via X-ProxyContextPath Header
Dec 19, 2018
CVSS 6.1
EPSS 0.03
CVE-2018-17192
MEDIUM
Apache NiFi <1.8.0 - Info Disclosure
Dec 19, 2018
CVSS 6.5
EPSS 0.03
CVE-2018-8033
HIGH
NUCLEI
Apache OFBiz 16.11.01-16.11.04 - Info Disclosure
Dec 13, 2018
CVSS 7.5
EPSS 0.26
CVE-2018-11766
HIGH
Apache Hadoop <2.7.7 - Privilege Escalation
Nov 27, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-17190
CRITICAL
Apache Spark - Unauthenticated Remote Code Execution via Master Host
Nov 19, 2018
CVSS 9.8
EPSS 0.09
CVE-2018-8009
HIGH
Apache Hadoop Path Traversal via Zip Slip
Nov 13, 2018
CVSS 8.8
EPSS 0.08
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters