apache

3,096 tracked vulnerabilities.

CVE-2017-9805 HIGH KEVNUCLEI
Apache Struts 2 REST Plugin XStream RCE
Sep 15, 2017
CVSS 8.1
EPSS 0.99
CVE-2017-3165 MEDIUM
Apache Brooklyn < 0.10.0 - Authenticated Stored Cross-Site Scripting
Sep 13, 2017
CVSS 5.4
EPSS 0.02
CVE-2017-12612 HIGH
Apache Spark 1.6.0-2.1.1 - Remote Code Execution via Launcher API Deserialization
Sep 13, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-3163 HIGH
Apache Solr < 5.5.4 and 6.0.0-6.4.0 - Path Traversal via Index Replication File Name
Aug 30, 2017
CVSS 7.5
EPSS 0.07
CVE-2017-3155 MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3154 HIGH
Apache Atlas 0.6.0-incubating 0.7.0-incubating - Exposure of Sensitive Information via Error Stack Trace
Aug 29, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-3153 MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Reflected Cross-Site Scripting in Search Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3152 MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - DOM-Based Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3151 MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Stored Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3150 MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting via Cookie Access
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-9802 MEDIUM
Apache Sling Servlets Post <2.3.22 - XSS
Aug 14, 2017
CVSS 6.1
EPSS 0.04
CVE-2017-9800 CRITICAL
Subversion <1.8.19, 1.9.x <1.9.7, 1.10.0.x <=1.10.0-alpha3 - RCE
Aug 11, 2017
CVSS 9.8
EPSS 0.19
CVE-2017-7675 HIGH
Apache Tomcat <9.0.0.M22, <8.5.16 - Path Traversal
Aug 11, 2017
CVSS 7.5
EPSS 0.10
CVE-2017-7674 MEDIUM
Apache Tomcat <9.0.0.M21,8.5.15,8.0.44,7.0.78 - Info Disclosure
Aug 11, 2017
CVSS 4.3
EPSS 0.08
CVE-2017-3156 HIGH
Apache CXF <3.0.13, <3.1.10 - Timing Attack
Aug 10, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-9799 HIGH
Apache Storm <1.0.4-1.1.1 - Privilege Escalation
Aug 09, 2017
CVSS 8.8
EPSS 0.05
CVE-2017-9801 HIGH
Apache Commons Email <1.5 - Info Disclosure
Aug 07, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-7659 HIGH
Apache HTTP Server <2.4.24-2.4.25 - Use After Free
Jul 26, 2017
CVSS 7.5
EPSS 0.54
CVE-2017-7688 HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7685 MEDIUM
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-7684 HIGH
Apache OpenMeetings 1.0.0 - Denial of Service via Large File Upload
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7683 HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-7682 HIGH
Apache OpenMeetings 3.2.0 - Info Disclosure
Jul 17, 2017
CVSS 8.2
EPSS 0.02
CVE-2017-7681 HIGH
Apache OpenMeetings 1.0.0 - SQL Injection
Jul 17, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-7680 HIGH
Apache OpenMeetings 1.0.0 - Overly Permissive crossdomain.xml
Jul 17, 2017
CVSS 7.5
EPSS 0.02