apache
3,096 tracked vulnerabilities.
CVE-2017-9805
HIGH
KEVNUCLEI
Apache Struts 2 REST Plugin XStream RCE
Sep 15, 2017
CVSS 8.1
EPSS 0.99
CVE-2017-3165
MEDIUM
Apache Brooklyn < 0.10.0 - Authenticated Stored Cross-Site Scripting
Sep 13, 2017
CVSS 5.4
EPSS 0.02
CVE-2017-12612
HIGH
Apache Spark 1.6.0-2.1.1 - Remote Code Execution via Launcher API Deserialization
Sep 13, 2017
CVSS 7.8
EPSS 0.01
CVE-2017-3163
HIGH
Apache Solr < 5.5.4 and 6.0.0-6.4.0 - Path Traversal via Index Replication File Name
Aug 30, 2017
CVSS 7.5
EPSS 0.07
CVE-2017-3155
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3154
HIGH
Apache Atlas 0.6.0-incubating 0.7.0-incubating - Exposure of Sensitive Information via Error Stack Trace
Aug 29, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-3153
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Reflected Cross-Site Scripting in Search Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3152
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - DOM-Based Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3151
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Stored Cross-Site Scripting in Edit-Tag Functionality
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-3150
MEDIUM
Apache Atlas 0.6.0-incubating and 0.7.0-incubating - Cross-Site Scripting via Cookie Access
Aug 29, 2017
CVSS 6.1
EPSS 0.02
CVE-2017-9802
MEDIUM
Apache Sling Servlets Post <2.3.22 - XSS
Aug 14, 2017
CVSS 6.1
EPSS 0.04
CVE-2017-9800
CRITICAL
Subversion <1.8.19, 1.9.x <1.9.7, 1.10.0.x <=1.10.0-alpha3 - RCE
Aug 11, 2017
CVSS 9.8
EPSS 0.19
CVE-2017-7675
HIGH
Apache Tomcat <9.0.0.M22, <8.5.16 - Path Traversal
Aug 11, 2017
CVSS 7.5
EPSS 0.10
CVE-2017-7674
MEDIUM
Apache Tomcat <9.0.0.M21,8.5.15,8.0.44,7.0.78 - Info Disclosure
Aug 11, 2017
CVSS 4.3
EPSS 0.08
CVE-2017-3156
HIGH
Apache CXF <3.0.13, <3.1.10 - Timing Attack
Aug 10, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-9799
HIGH
Apache Storm <1.0.4-1.1.1 - Privilege Escalation
Aug 09, 2017
CVSS 8.8
EPSS 0.05
CVE-2017-9801
HIGH
Apache Commons Email <1.5 - Info Disclosure
Aug 07, 2017
CVSS 7.5
EPSS 0.06
CVE-2017-7659
HIGH
Apache HTTP Server <2.4.24-2.4.25 - Use After Free
Jul 26, 2017
CVSS 7.5
EPSS 0.54
CVE-2017-7688
HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7685
MEDIUM
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 5.3
EPSS 0.03
CVE-2017-7684
HIGH
Apache OpenMeetings 1.0.0 - Denial of Service via Large File Upload
Jul 17, 2017
CVSS 7.5
EPSS 0.03
CVE-2017-7683
HIGH
Apache OpenMeetings 1.0.0 - Info Disclosure
Jul 17, 2017
CVSS 7.5
EPSS 0.02
CVE-2017-7682
HIGH
Apache OpenMeetings 3.2.0 - Info Disclosure
Jul 17, 2017
CVSS 8.2
EPSS 0.02
CVE-2017-7681
HIGH
Apache OpenMeetings 1.0.0 - SQL Injection
Jul 17, 2017
CVSS 8.8
EPSS 0.01
CVE-2017-7680
HIGH
Apache OpenMeetings 1.0.0 - Overly Permissive crossdomain.xml
Jul 17, 2017
CVSS 7.5
EPSS 0.02
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters