apache
3,096 tracked vulnerabilities.
CVE-2018-8015
HIGH
Apache ORC 1.0.0-1.4.3 - Uncontrolled Recursion via Malformed ORC File
May 18, 2018
CVSS 7.5
EPSS 0.03
CVE-2018-8014
CRITICAL
Apache Tomcat 9.0.0.M1-9.0.8, 8.5.0-8.5.31, 8.0.0.RC1-8.0.52, 7.0.4...
May 16, 2018
CVSS 9.8
EPSS 0.22
CVE-2018-1313
MEDIUM
Apache Derby 10.3.1.4-10.14.1.0 - Info Disclosure
May 07, 2018
CVSS 5.3
EPSS 0.05
CVE-2018-8003
MEDIUM
Apache Ambari <2.6.1 - Path Traversal
May 03, 2018
CVSS 5.3
EPSS 0.04
CVE-2018-10583
HIGH
LibreOffice 6.0.3 - Apache OpenOffice Writer 4.1.5 - Info Disclosure
May 01, 2018
CVSS 7.5
EPSS 0.79
CVE-2018-1339
MEDIUM
Apache Tika < 1.18 - Denial of Service via Infinite Loop in ChmParser
Apr 25, 2018
CVSS 5.5
EPSS 0.03
CVE-2018-1338
MEDIUM
Apache Tika < 1.18 - Denial of Service via Infinite Loop in BPGParser
Apr 25, 2018
CVSS 5.5
EPSS 0.02
CVE-2018-1335
HIGH
NUCLEI
Apache Tika <1.18 - Command Injection
Apr 25, 2018
CVSS 8.1
EPSS 0.94
CVE-2018-1292
HIGH
Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating - SQL Injection via Report Name Parameter
Apr 20, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-1291
HIGH
Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating - SQL Injection via OrderBy Query Parameter
Apr 20, 2018
CVSS 8.1
EPSS 0.02
CVE-2018-1290
CRITICAL
Apache Fineract - SQL Injection via Single Quotation Escape in Audit and Makerchecker API Methods
Apr 20, 2018
CVSS 9.8
EPSS 0.03
CVE-2018-1289
HIGH
Apache Fineract SQL Injection via orderBy/sortOrder Parameters
Apr 20, 2018
CVSS 8.8
EPSS 0.03
CVE-2018-2799
MEDIUM
Oracle JDK and JRE - Unauthenticated Partial Denial of Service in JAXP
Apr 19, 2018
CVSS 5.3
EPSS 0.15
CVE-2018-1273
CRITICAL
KEVNUCLEI
Spring Data Commons < 1.13.11 - Unauthenticated Remote Code Execution via Property Binder
Apr 11, 2018
CVSS 9.8
EPSS 0.96
CVE-2018-1308
HIGH
Apache Solr 1.2-6.6.2 and 7.0.0-7.2.1 - XML External Entity Injection via DataImportHandler Inline XML Parameter
Apr 09, 2018
CVSS 7.5
EPSS 0.21
CVE-2018-1315
LOW
Apache Hive 2.1.0-2.3.2 - Arbitrary File Write via HPL/SQL COPY FROM FTP Statement
Apr 05, 2018
CVSS 3.7
EPSS 0.02
CVE-2018-1284
LOW
Apache Hive 0.6.0-2.3.2 - Unauthorized File Content Exposure via XPath UDFs
Apr 05, 2018
CVSS 3.7
EPSS 0.02
CVE-2018-1282
CRITICAL
Apache Hive JDBC Driver 0.7.1-2.3.2 - SQL Injection via PreparedStatement Argument Bypass
Apr 05, 2018
CVSS 9.1
EPSS 0.06
CVE-2018-1295
CRITICAL
Apache Ignite < 2.3.0 - Remote Code Execution via Untrusted Data Deserialization
Apr 02, 2018
CVSS 9.8
EPSS 0.07
CVE-2018-1327
HIGH
Apache Struts 2.1.1-2.5.14.1 and struts2-rest-plugin 2.1.1-2.5.16 - Denial of Service via Malicious XML Payload
Mar 27, 2018
CVSS 7.5
EPSS 0.09
CVE-2018-1312
CRITICAL
Apache HTTP Server 2.2.0-2.4.29 - Improper Authentication via Nonce Generation
Mar 26, 2018
CVSS 9.8
EPSS 0.16
CVE-2018-1303
HIGH
Debian Linux < 2.4.29 - Out-of-Bounds Read
Mar 26, 2018
CVSS 7.5
EPSS 0.71
CVE-2018-1302
MEDIUM
Apache HTTP Server < 2.4.30 - NULL Pointer Dereference in HTTP/2 Stream Handling
Mar 26, 2018
CVSS 5.9
EPSS 0.13
CVE-2018-1301
MEDIUM
Apache HTTP Server < 2.4.30 - Denial of Service via Crafted HTTP Header
Mar 26, 2018
CVSS 5.9
EPSS 0.16
CVE-2018-1283
MEDIUM
Apache httpd 2.4.0-2.4.29 - Info Disclosure
Mar 26, 2018
CVSS 5.3
EPSS 0.10
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters