Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / apache

apache

2,905 tracked vulnerabilities.

CVE-2016-8743 HIGH

Apache HTTP Server <2.2.32 & 2.4.25 - Info Disclosure

CVE-2016-2161 HIGH

Apache HTTP Server 2.4.0-2.4.23 - Denial of Service via mod_auth_digest Input

CVE-2016-0736 HIGH

Apache HTTP Server <2.4.24 - Info Disclosure

CVE-2016-6798 CRITICAL

Apache Sling XSS Protection API < 1.0.12 - XML External Entity Injection via Insecure SAX Parser

CVE-2016-5394 MEDIUM

Apache Sling XSS Protection API < 1.0.12 - Cross-Site Scripting via encodeForJSString Method

CVE-2016-6793 CRITICAL

Apache Wicket 1.5.0-1.5.16 - Deserialization of Untrusted Data in DiskFileItem

CVE-2016-8751 MEDIUM

Apache Ranger < 0.6.3 - Stored Cross-Site Scripting in Custom Policy Conditions

CVE-2016-8746 MEDIUM

Apache Ranger <0.6.3 - Info Disclosure

CVE-2016-5004 MEDIUM

Apache ws-xmlrpc 3.1.3 - Denial of Service via Content-Encoding Header Decompression

CVE-2016-3083 HIGH

Apache Hive < 1.2.2 and 2.0.x < 2.0.1 - Improper Certificate Validation

CVE-2016-8741 HIGH

Apache Qpid Broker for Java <6.0.6, <6.1.1 - Info Disclosure

CVE-2016-6799 HIGH

Apache Cordova Android < 5.2.2 - Sensitive Information Exposure via Log File Insertion

CVE-2016-4467 MEDIUM

Apache Qpid Proton - Improper Certificate Validation

CVE-2016-5396 HIGH

Apache Traffic Server 6.0.0-6.2.0 - Denial of Service via HPACK Bomb Attack

CVE-2016-4970 HIGH

Netty 4.0.20-4.0.36 - Denial of Service via Infinite Loop in OpenSslEngine

CVE-2016-6808 CRITICAL

Apache Tomcat JK Connector < 1.2.42 - Buffer Overflow

CVE-2016-0779 CRITICAL

Apache TomEE <1.7.4, <7.0.0-M3 - RCE

CVE-2016-6811 HIGH

Apache Hadoop 2.2.0-2.7.3 - Privilege Escalation to Root via YARN User

CVE-2016-6805 MEDIUM

Apache Ignite < 1.9 - XML External Entity Injection via Update-Notifier Documents

CVE-2016-8735 CRITICAL KEVNUCLEI

Apache Tomcat , 7.x , 8.x , 8.5.x , 9.x <6.0.48 <7.0.73 <8.0.39 <8.5.7 - Remote Code Execution

CVE-2016-6809 CRITICAL

Apache Tika < 1.14 - Remote Code Execution via MATLAB File Deserialization

CVE-2016-4976 MEDIUM

Apache Ambari 2.0.0-2.3.9 - Exposure of Sensitive Information via KDC Administrator Password

CVE-2016-6807 CRITICAL

Apache Ambari 2.4.0-2.4.1 - Unauthenticated Remote Code Execution via Custom Commands

CVE-2016-8749 CRITICAL

Apache Camel 2.16.0-2.16.4 2.17.0-2.17.4 2.18.0-2.18.1 - Remote Code Execution via Jackson Unmarshalling

CVE-2016-9775 HIGH

Debian Linux - Access Control

Previous Page 83 of 117 Next

Products

http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20 couchdb 20

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy