apache
2,910 tracked vulnerabilities.
CVE-2015-1830
Apache ActiveMQ 5.x-5.11.1 Directory Traversal Shell Upload
Aug 19, 2015
EPSS 0.86
CVE-2015-3253
CRITICAL
Apache Groovy 1.7.0-2.4.3 - Remote Code Execution via MethodClosure Deserialization
Aug 13, 2015
CVSS 9.8
EPSS 0.70
CVE-2015-3187
Apache Subversion <1.7.21, <1.8.14 - Info Disclosure
Aug 12, 2015
EPSS 0.01
CVE-2015-3184
Apache Subversion <1.7.21, <1.8.14 - Info Disclosure
Aug 12, 2015
EPSS 0.17
CVE-2015-3185
Apache HTTP Server <2.4.14 - Auth Bypass
Jul 20, 2015
EPSS 0.06
CVE-2015-3183
Apache HTTP Server 2.2.0-2.2.30 - HTTP Request Smuggling via Chunked Transfer Coding
Jul 20, 2015
EPSS 0.24
CVE-2015-0253
Apache HTTP Server 2.4.12 - Denial of Service via Missing Request Method
Jul 20, 2015
EPSS 0.08
CVE-2015-1831
Apache Struts 2.3.20 - Info Disclosure
Jul 16, 2015
EPSS 0.05
CVE-2015-0264
Apache Camel < 2.13.4 and 2.14.x < 2.14.2 - XML External Entity Injection via XPath Query
Jun 03, 2015
EPSS 0.02
CVE-2015-0263
Apache Camel < 2.13.4 and 2.14.x < 2.14.2 - XML External Entity Injection via SAXSource
Jun 03, 2015
EPSS 0.03
CVE-2015-2944
Apache Sling API <2.2.2 & Apache Sling Servlets Post <2.1.2 - XSS
Jun 02, 2015
EPSS 0.03
CVE-2015-1833
Apache Jackrabbit XML External Entity Injection via WebDAV Request
May 29, 2015
EPSS 0.31
CVE-2015-1774
Canonical Ubuntu Linux < 4.1.1 - Out-of-Bounds Write
Apr 28, 2015
EPSS 0.07
CVE-2015-0251
Apache Subversion 1.5.0-1.7.19 and 1.8.0-1.8.11 - Authenticated svn:author Property Spoofing via v1 HTTP Protocol
Apr 08, 2015
EPSS 0.01
CVE-2015-0248
Apache Subversion 1.6.0-1.7.19 and 1.8.0-1.8.11 - Denial of Service via Crafted Revision Parameter Combinations
Apr 08, 2015
EPSS 0.16
CVE-2015-0202
Subversion 1.8.0-1.8.11 - Denial of Service via REPORT Requests
Apr 08, 2015
EPSS 0.02
CVE-2015-1773
Apache Flex < 4.14.0 - Cross-Site Scripting via asdoc URI
Apr 08, 2015
EPSS 0.01
CVE-2015-0225
Apache Cassandra 1.2.0-1.2.19, 2.0.0-2.0.13, 2.1.0-2.1.3 - Unauthenticated Remote Code Execution via JMX/RMI Interface
Apr 03, 2015
EPSS 0.01
CVE-2015-0252
Debian Linux < 3.1.1 - Improper Input Validation
Mar 24, 2015
EPSS 0.25
CVE-2015-0250
Canonical Ubuntu Linux < 1.7 - Denial of Service
Mar 24, 2015
EPSS 0.01
CVE-2015-2091
mod-gnutls < 0.5.1 - Unauthenticated Client Certificate Spoofing via mgs_hook_authz
Mar 13, 2015
EPSS 0.01
CVE-2015-0254
Apache Standard Taglibs < 1.2.3 - Remote Code Execution and XML External Entity Injection via JSTL XML Tags
Mar 09, 2015
EPSS 0.04
CVE-2015-0228
Apache HTTP Server < 2.4.12 - Denial of Service via Crafted WebSocket Ping Frame
Mar 08, 2015
EPSS 0.15
CVE-2015-0227
Apache WSS4J < 1.6.17 and 2.x < 2.0.2 - Security Feature Bypass via Wrapping Attacks
Feb 12, 2015
EPSS 0.14
CVE-2015-0223
Apache Qpid < 0.30 - Unauthenticated Access Restriction Bypass via 0-10 Connection Handling
Feb 02, 2015
EPSS 0.02
Products
http_server 317
tomcat 254
airflow 120
struts 90
traffic_server 82
ofbiz 74
superset 68
openoffice 60
activemq 57
subversion 47
cxf 46
nifi 46
solr 46
cloudstack 45
camel 40
hadoop 37
inlong 32
openmeetings 28
dolphinscheduler 27
ambari 26
tika 25
jspwiki 24
geode 23
shiro 23
spark 22
wicket 22
zeppelin 22
kylin 21
ranger 21
archiva 20
Quick Filters