Apache

2,736 tracked vulnerabilities.

CVE-2025-27696 HIGH
Apache Superset < 4.1.2 - Incorrect Authorization
May 13, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-46392 MEDIUM
Apache Commons Configuration 1.x - Uncontrolled Resource Consumption
May 09, 2025
CVSS 6.5
EPSS 0.01
CVE-2025-27533 HIGH
Apache ActiveMQ <6.1.6 - DoS
May 07, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-46762 HIGH
Apache Parquet <1.15.0 - RCE
May 06, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-3891 HIGH
Apache HTTP Server - Denial of Service
Apr 29, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-31651 CRITICAL
Apache Tomcat <11.0.5 - SSRF
Apr 28, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-31650 HIGH
Apache Tomcat <9.0.103 - DoS
Apr 28, 2025
CVSS 7.5
EPSS 0.20
CVE-2025-27820 HIGH
Apache Httpclient < 5.4.3 - Improper Certificate Validation
Apr 24, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-26413 HIGH
Apache Kvrocks < 2.12.0 - Improper Input Validation
Apr 22, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-29953 CRITICAL
Apache ActiveMQ NMS OpenWire Client <2.1.1 - Deserialization
Apr 18, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-56736 MEDIUM
Apache HertzBeat <1.7.0 - SSRF
Apr 16, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-24859 HIGH
Apache Roller <6.1.5 - Info Disclosure
Apr 14, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-27391 MEDIUM
Apache ActiveMQ Artemis <2.40.0 - Info Disclosure
Apr 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-31672 MEDIUM
Apache POI - Info Disclosure
Apr 09, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-30677 MEDIUM
Apache Pulsar < 3.0.11 - Log Information Exposure
Apr 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-30473 HIGH
Apache Airflow Common SQL Provider - SQL Injection
Apr 07, 2025
CVSS 8.8
EPSS 0.00
CVE-2024-53868 HIGH
Apache Traffic Server <9.2.10-10.0.5 - Request Smuggling
Apr 03, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-30676 MEDIUM
Apache Ofbiz < 18.12.19 - Basic XSS
Apr 01, 2025
CVSS 6.1
EPSS 0.03
CVE-2025-30177 MEDIUM
Apache Camel <4.10.3, <4.8.6 - Command Injection
Apr 01, 2025
CVSS 6.5
EPSS 0.01
CVE-2024-56325 CRITICALNUCLEI
Apache Pinot < 1.3.0 - Authentication Bypass
Apr 01, 2025
CVSS 9.8
EPSS 0.28
CVE-2025-30065 CRITICAL
Apache Parquet <1.15.1 - RCE
Apr 01, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-29868 MEDIUM
Apache Answer <1.4.2 - Info Disclosure
Apr 01, 2025
CVSS 6.5
EPSS 0.02
CVE-2025-27427 MEDIUM
Apache ActiveMQ Artemis - Privilege Escalation
Apr 01, 2025
CVSS 4.3
EPSS 0.01
CVE-2025-30067 HIGH
Apache Kylin <5.0.1 - Code Injection
Mar 27, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-48944 MEDIUM
Apache Kylin < 5.0.2 - SSRF
Mar 27, 2025
CVSS 6.5
EPSS 0.00
Products
http_server 306 tomcat 237 airflow 101 struts 90 traffic_server 80 superset 68 openoffice 60 ofbiz 57 activemq 51 subversion 47 solr 46 nifi 44 cxf 43 cloudstack 38 hadoop 37 inlong 32 camel 31 ambari 26 tika 25 openmeetings 25 jspwiki 24 dolphinscheduler 24 geode 23 zeppelin 22 ranger 21 spark 21 kylin 21 couchdb 20 fineract 20 hive 20
Quick Filters
Critical CVEs With Exploits In CISA KEV