apache

2,910 tracked vulnerabilities.

CVE-2014-3525
Apache Traffic Server 3.x-5.0.1 Health Checks - Impact Unknown
Aug 22, 2014
EPSS 0.01
CVE-2014-0232
Apache OFBiz 11.04.01-11.04.04 and 12.04.01-12.04.03 - Cross-Site Scripting in messages.ftl
Aug 22, 2014
EPSS 0.13
CVE-2014-3577
Apache HttpComponents <4.3.5-4.0.2 - Man-in-the-middle
Aug 21, 2014
EPSS 0.01
CVE-2014-3528
Opensuse - Credentials Management
Aug 19, 2014
EPSS 0.03
CVE-2014-3522
Apache Subversion <1.7.18-1.8.10 - SSL Man-in-the-Middle
Aug 19, 2014
EPSS 0.03
CVE-2014-3504
Apache Subversion - SSL Certificate Validation Bypass via NUL Byte in CN Field
Aug 19, 2014
EPSS 0.02
CVE-2014-3523
Apache HTTP Server < 2.4.10 - Memory Leak in WinNT MPM AcceptFilter
Jul 20, 2014
EPSS 0.35
CVE-2014-0231
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_cgid stdin Hang
Jul 20, 2014
EPSS 0.44
CVE-2014-0226
Apache HTTP Server 2.2.0-2.2.28 - Denial of Service via mod_status Scoreboard Handling
Jul 20, 2014
EPSS 0.75
CVE-2014-0118
Apache HTTP Server < 2.4.10 - Denial of Service via Request Body Decompression
Jul 20, 2014
EPSS 0.41
CVE-2014-0117
Apache HTTP Server < 2.4.10 - Denial of Service via mod_proxy HTTP Connection Header
Jul 20, 2014
EPSS 0.57
CVE-2014-3503
Apache Syncope 1.1.0-1.1.7 - Weak Password Generation
Jul 11, 2014
EPSS 0.02
CVE-2014-0035
Apache CXF <2.6.13 & <2.7.10 - Info Disclosure
Jul 07, 2014
EPSS 0.01
CVE-2014-0034
Apache CXF < 2.6.12 and 2.7.x < 2.7.9 - Remote Access Control Bypass via Invalid SAML Token Caching
Jul 07, 2014
EPSS 0.02
CVE-2014-0119
Apache Tomcat <6.0.40, 7.x <7.0.54, 8.x <8.0.6 - XXE
May 31, 2014
EPSS 0.04
CVE-2014-0099
Apache Tomcat <6.0.40, <7.0.53, <8.0.4 - HTTP Request Smuggling
May 31, 2014
EPSS 0.38
CVE-2014-0096
Apache Tomcat <6.0.40, 7.x <7.0.53, 8.x <8.0.4 - XSS
May 31, 2014
EPSS 0.06
CVE-2014-0095
Apache Tomcat 8.x < 8.0.4 - Denial of Service via AJP Content-Length Header
May 31, 2014
EPSS 0.10
CVE-2014-0075
Apache Tomcat <6.0.40,7.x<7.0.53,8.x<8.0.4 - DoS
May 31, 2014
EPSS 0.47
CVE-2014-0110
Apache CXF < 2.6.14 and 2.7.x < 2.7.11 - Denial of Service via Large Invalid SOAP Message
May 08, 2014
EPSS 0.06
CVE-2014-0109
Apache CXF < 2.6.14 and 2.7.x < 2.7.11 - Denial of Service via Large HTML Content-Type Request
May 08, 2014
EPSS 0.06
CVE-2014-0116
Apache Struts 2.x < 2.3.20 - Remote Code Execution via CookieInterceptor ClassLoader Manipulation
May 08, 2014
EPSS 0.03
CVE-2014-0114
Apache Commons BeanUtils <1.9.2 - RCE
Apr 30, 2014
EPSS 0.92
CVE-2014-0113
Apache Struts 2.0.0-2.3.16.1 and struts2-core < 2.3.20 - Remote Code Execution via CookieInterceptor
Apr 29, 2014
EPSS 0.82
CVE-2014-0112
Apache Struts 2.0.0-2.3.16.1 and struts2-core < 2.3.20 - Remote Code Execution via ParametersInterceptor
Apr 29, 2014
EPSS 0.92
Products
http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 shiro 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20
Quick Filters
Critical CVEs With Exploits In CISA KEV