apache

2,910 tracked vulnerabilities.

CVE-2013-6348
Apache Struts 2.3.15.3 - Cross-Site Scripting via Namespace Parameter
Nov 02, 2013
EPSS 0.03
CVE-2013-4390
Apache Sling Auth Core < 1.1.4 - Open Redirect via Resource Parameter
Oct 24, 2013
EPSS 0.01
CVE-2013-4295
Apache Shindig 2.5.0-beta1-2.5.0 - XML External Entity Injection in Gadget Renderer
Oct 24, 2013
EPSS 0.17
CVE-2013-4365
mod_fcgid < 2.3.9 - Heap-based Buffer Overflow in fcgid_header_bucket_read
Oct 17, 2013
EPSS 0.07
CVE-2013-2254
Apache Sling Servlets Post 2.2.0-2.3.0 - Denial of Service via deepGetOrCreateNode Infinite Loop
Oct 17, 2013
EPSS 0.01
CVE-2013-4330
Apache Camel < 2.9.7, 2.10.0-2.10.6, 2.11.0-2.11.1, 2.12.0 - Remote Code Execution via CamelFileName Header
Oct 04, 2013
EPSS 0.18
CVE-2013-4316
Apache Struts 2.0.0-2.3.15.1 - Dynamic Method Invocation
Sep 30, 2013
EPSS 0.06
CVE-2013-4310
Apache Struts 2.0.0-2.3.15.1 - Unauthenticated Access Control Bypass via Action Prefix
Sep 30, 2013
EPSS 0.09
CVE-2013-4277
Apache Subversion 1.4.0-1.7.12 and 1.8.0-1.8.1 - Arbitrary File Overwrite and Process Termination via Pidfile Symlink
Sep 16, 2013
EPSS 0.00
CVE-2013-1909
Redhat Enterprise Mrg < 0.20 - Improper Input Validation
Aug 23, 2013
EPSS 0.01
CVE-2013-2210
Apache XML Security for C++ < 1.7.2 - Heap-Based Buffer Overflow via Malformed XPointer Expressions
Aug 20, 2013
EPSS 0.02
CVE-2013-2172
Apache Santuario XML Security for Java <1.4.8/1.5.5 XML Signature Spoofing
Aug 20, 2013
EPSS 0.04
CVE-2013-2156
Apache XML Security for C++ < 1.7.1 - Heap-based Buffer Overflow in Exclusive Canonicalization
Aug 20, 2013
EPSS 0.03
CVE-2013-2155
Apache XML Security for C++ < 1.7.1 - Denial of Service and Signature Spoofing via Crafted Length Values
Aug 20, 2013
EPSS 0.02
CVE-2013-2154
Apache XML Security for C++ < 1.7.1 - Stack-based Buffer Overflow via Malformed XPointer Expressions
Aug 20, 2013
EPSS 0.02
CVE-2013-2153
Apache XML Security for C++ < 1.7.1 - XML Signature Spoofing via Crafted Reference Elements
Aug 20, 2013
EPSS 0.01
CVE-2013-2160
Apache CXF 2.5.0-2.5.9, 2.6.0-2.6.6, 2.7.0-2.7.3 - Denial of Service via Crafted XML
Aug 19, 2013
EPSS 0.12
CVE-2013-2136
Apache CloudStack < 4.1.1 - Cross-Site Scripting via Multiple Input Fields
Aug 19, 2013
EPSS 0.07
CVE-2013-2250
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Remote Code Execution via UEL Expression Injection
Aug 15, 2013
EPSS 0.06
CVE-2013-2137
Apache OFBiz 10.04.01-10.04.05, 11.04.01-11.04.02, 12.04.01 - Cross-Site Scripting in Webtools View Log Screen
Aug 15, 2013
EPSS 0.03
CVE-2013-4156
Apache OpenOffice < 4.0.0 - Out-of-bounds Write via OOXML Document
Jul 31, 2013
EPSS 0.01
CVE-2013-4131
Subversion 1.7.0-1.7.10 and 1.8.x < 1.8.1 - Authenticated Denial of Service via COPY, DELETE, or MOVE Request
Jul 31, 2013
EPSS 0.01
CVE-2013-2189
Apache OpenOffice < 4.0.0 - Memory Corruption via Invalid PLCF Data in DOC File
Jul 31, 2013
EPSS 0.01
CVE-2013-2112
Subversion < 1.6.23 and 1.7.x < 1.7.10 - Denial of Service via Connection Abort
Jul 31, 2013
EPSS 0.04
CVE-2013-2088
Subversion < 1.6.23 - Authenticated Remote Code Execution via Shell Metacharacters in Filename
Jul 31, 2013
EPSS 0.06
Products
http_server 317 tomcat 254 airflow 120 struts 90 traffic_server 82 ofbiz 74 superset 68 openoffice 60 activemq 57 subversion 47 cxf 46 nifi 46 solr 46 cloudstack 45 camel 40 hadoop 37 inlong 32 openmeetings 28 dolphinscheduler 27 ambari 26 tika 25 jspwiki 24 geode 23 shiro 23 spark 22 wicket 22 zeppelin 22 kylin 21 ranger 21 archiva 20
Quick Filters
Critical CVEs With Exploits In CISA KEV