Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,905 tracked vulnerabilities.

CVE-2017-7668 HIGH

Apache HTTP Server 2.2.32-2.4.24 - Out-of-bounds Read via Token List Parsing

CVE-2017-3169 CRITICAL

Apache HTTP Server 2.2.x < 2.2.33 and 2.4.x < 2.4.26 - NULL Pointer Dereference in mod_ssl

CVE-2017-3167 CRITICAL

Apache HTTP Server 2.2.0-2.2.32 - Authentication Bypass via ap_get_basic_auth_pw()

CVE-2017-7677 MEDIUM

Apache Ranger <0.7.1 - Privilege Escalation

CVE-2017-7676 CRITICAL

Apache Ranger <0.7.1 - Path Traversal

CVE-2017-7667 HIGH

Apache NiFi <1.3.0 - Info Disclosure

CVE-2017-7665 MEDIUM

Apache NiFi < 0.7.4 and 1.x < 1.3.0 - Stored Cross-Site Scripting

CVE-2017-5664 HIGH

Apache Tomcat 7.0.0-7.0.77, 8.0.0.RC1-8.0.43, 8.5.0-8.5.14, 9.0.0.M1-9.0.0.M20 - Error Page Exception Handling Flaw

CVE-2017-7669 HIGH

Apache Hadoop <3.0.0-alpha2 - Command Injection

CVE-2017-5646 MEDIUM

Apache Knox 0.2.0-0.11.0 - Authenticated User Impersonation via Crafted WebHDFS URL

CVE-2017-6891 HIGH

GnuTLS libtasn1 <4.10 - Buffer Overflow

CVE-2017-5657 HIGH

Apache Archiva < 2.2.1 - Cross-Site Request Forgery

CVE-2017-7662 HIGH

Apache CXF Fediz <1.4.0-1.3.2 - CSRF

CVE-2017-7661 HIGH

Apache CXF Fediz <1.4.0-1.2.4 - CSRF

CVE-2017-5655 MEDIUM

Apache Ambari 2.2.2-2.4.2 and 2.5.0 - Unauthorized Sensitive Data Exposure via Temporary Files

CVE-2017-5654 HIGH

Ambari <2.4.3-2.5.0 - Info Disclosure

CVE-2017-3162 HIGH

Apache Hadoop < 2.7.0 - Server-Side Request Forgery via Unvalidated NameNode Parameter

CVE-2017-3161 MEDIUM

Apache Hadoop < 2.7.0 - Cross-Site Scripting via HDFS Web UI Query Parameter

CVE-2017-5656 HIGH

Apache CXF <3.1.11, <3.0.13 - Privilege Escalation

CVE-2017-5653 MEDIUM

Apache CXF 3.0.0-3.0.12 and 3.1.0-3.1.10 - Improper Certificate Validation in JAX-RS XML Security Streaming Clients

CVE-2017-5662 HIGH

Apache Batik < 1.9 - XML External Entity Injection

CVE-2017-5661 HIGH

Apache FOP < 2.2 - XML External Entity Injection via Malicious SVG File

CVE-2017-5645 CRITICAL NUCLEI

Apache Log4j 2.0-2.8.1 - Remote Code Execution via Untrusted Data Deserialization

CVE-2017-5659 HIGH

Apache Traffic Server < 6.2.1 - Denial of Service via Content Length and Chunked Encoding Mismatch

CVE-2017-5651 CRITICAL

Apache Tomcat <9.0.0.M19-<8.5.13 - Info Disclosure

Previous Page 80 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy