apache

3,096 tracked vulnerabilities.

CVE-2018-8015 HIGH
Apache ORC 1.0.0-1.4.3 - Uncontrolled Recursion via Malformed ORC File
May 18, 2018
CVSS 7.5
EPSS 0.03
CVE-2018-8014 CRITICAL
Apache Tomcat 9.0.0.M1-9.0.8, 8.5.0-8.5.31, 8.0.0.RC1-8.0.52, 7.0.4...
May 16, 2018
CVSS 9.8
EPSS 0.22
CVE-2018-1313 MEDIUM
Apache Derby 10.3.1.4-10.14.1.0 - Info Disclosure
May 07, 2018
CVSS 5.3
EPSS 0.05
CVE-2018-8003 MEDIUM
Apache Ambari <2.6.1 - Path Traversal
May 03, 2018
CVSS 5.3
EPSS 0.04
CVE-2018-10583 HIGH
LibreOffice 6.0.3 - Apache OpenOffice Writer 4.1.5 - Info Disclosure
May 01, 2018
CVSS 7.5
EPSS 0.79
CVE-2018-1339 MEDIUM
Apache Tika < 1.18 - Denial of Service via Infinite Loop in ChmParser
Apr 25, 2018
CVSS 5.5
EPSS 0.03
CVE-2018-1338 MEDIUM
Apache Tika < 1.18 - Denial of Service via Infinite Loop in BPGParser
Apr 25, 2018
CVSS 5.5
EPSS 0.02
CVE-2018-1335 HIGH NUCLEI
Apache Tika <1.18 - Command Injection
Apr 25, 2018
CVSS 8.1
EPSS 0.94
CVE-2018-1292 HIGH
Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating - SQL Injection via Report Name Parameter
Apr 20, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-1291 HIGH
Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating - SQL Injection via OrderBy Query Parameter
Apr 20, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-1290 CRITICAL
Apache Fineract - SQL Injection via Single Quotation Escape in Audit and Makerchecker API Methods
Apr 20, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-1289 HIGH
Apache Fineract SQL Injection via orderBy/sortOrder Parameters
Apr 20, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-2799 MEDIUM
Oracle JDK and JRE - Unauthenticated Partial Denial of Service in JAXP
Apr 19, 2018
CVSS 5.3
EPSS 0.15
CVE-2018-1273 CRITICAL KEVNUCLEI
Spring Data Commons < 1.13.11 - Unauthenticated Remote Code Execution via Property Binder
Apr 11, 2018
CVSS 9.8
EPSS 0.96
CVE-2018-1308 HIGH
Apache Solr 1.2-6.6.2 and 7.0.0-7.2.1 - XML External Entity Injection via DataImportHandler Inline XML Parameter
Apr 09, 2018
CVSS 7.5
EPSS 0.21
CVE-2018-1315 LOW
Apache Hive 2.1.0-2.3.2 - Arbitrary File Write via HPL/SQL COPY FROM FTP Statement
Apr 05, 2018
CVSS 3.7
EPSS 0.02
CVE-2018-1284 LOW
Apache Hive 0.6.0-2.3.2 - Unauthorized File Content Exposure via XPath UDFs
Apr 05, 2018
CVSS 3.7
EPSS 0.02
CVE-2018-1282 CRITICAL
Apache Hive JDBC Driver 0.7.1-2.3.2 - SQL Injection via PreparedStatement Argument Bypass
Apr 05, 2018
CVSS 9.1
EPSS 0.06
CVE-2018-1295 CRITICAL
Apache Ignite < 2.3.0 - Remote Code Execution via Untrusted Data Deserialization
Apr 02, 2018
CVSS 9.8
EPSS 0.07
CVE-2018-1327 HIGH
Apache Struts 2.1.1-2.5.14.1 and struts2-rest-plugin 2.1.1-2.5.16 - Denial of Service via Malicious XML Payload
Mar 27, 2018
CVSS 7.5
EPSS 0.09
CVE-2018-1312 CRITICAL
Apache HTTP Server 2.2.0-2.4.29 - Improper Authentication via Nonce Generation
Mar 26, 2018
CVSS 9.8
EPSS 0.16
CVE-2018-1303 HIGH
Debian Linux < 2.4.29 - Out-of-Bounds Read
Mar 26, 2018
CVSS 7.5
EPSS 0.71
CVE-2018-1302 MEDIUM
Apache HTTP Server < 2.4.30 - NULL Pointer Dereference in HTTP/2 Stream Handling
Mar 26, 2018
CVSS 5.9
EPSS 0.13
CVE-2018-1301 MEDIUM
Apache HTTP Server < 2.4.30 - Denial of Service via Crafted HTTP Header
Mar 26, 2018
CVSS 5.9
EPSS 0.16
CVE-2018-1283 MEDIUM
Apache httpd 2.4.0-2.4.29 - Info Disclosure
Mar 26, 2018
CVSS 5.3
EPSS 0.10