apache

3,096 tracked vulnerabilities.

CVE-2015-5349 HIGH
Apache LDAP Studio/Apache Directory Studio <2.0.0-M10 - Command Inj...
Apr 11, 2016
CVSS 7.8
EPSS 0.02
CVE-2015-0266 HIGH
Apache Ranger < 0.5.0 - Authenticated Access Control Bypass via Direct Module URL Access
Apr 11, 2016
CVSS 7.1
EPSS 0.02
CVE-2015-0265 MEDIUM
Apache Ranger < 0.5.0 - Cross-Site Scripting via HTTP User-Agent Header
Apr 11, 2016
CVSS 6.1
EPSS 0.05
CVE-2015-5351 HIGH
Apache Tomcat <7.0.68, <8.0.31, <9.0.0.M2 - CSRF
Feb 25, 2016
CVSS 8.8
EPSS 0.09
CVE-2015-5346 HIGH
Apache Tomcat <7.0.66, 8.0.30, 9.0.0.M2 - Session Fixation
Feb 25, 2016
CVSS 8.1
EPSS 0.11
CVE-2015-5345 MEDIUM
Apache Tomcat <6.0.45-9.0.0.M2 - Info Disclosure
Feb 25, 2016
CVSS 5.3
EPSS 0.18
CVE-2015-5174 MEDIUM
Apache Tomcat 6.x < 6.0.45, 7.x < 7.0.65, 8.x < 8.0.27 - Directory Traversal via Slash Dot Dot
Feb 25, 2016
CVSS 4.3
EPSS 0.13
CVE-2015-8797 MEDIUM
Apache Solr < 5.3.1 - Cross-Site Scripting via Admin UI Stats Page Entry Parameter
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-8796 MEDIUM
Apache Solr < 5.3 - Cross-Site Scripting via Schema Browser URL Parameter
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-8795 MEDIUM
Apache Solr < 5.1.0 - Cross-Site Scripting in Admin UI Analysis and Schema-Browser Pages
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-3252 CRITICAL
Apache CloudStack <4.5.2 - Info Disclosure
Feb 08, 2016
CVSS 9.8
EPSS 0.02
CVE-2015-3251 MEDIUM
Apache CloudStack <4.5.2 - Info Disclosure
Feb 08, 2016
CVSS 4.9
EPSS 0.02
CVE-2015-5344 CRITICAL
Apache Camel <2.15.5, <2.16.1 - Command Injection
Feb 03, 2016
CVSS 9.8
EPSS 0.07
CVE-2015-7521 HIGH
Apache Hive 1.0.0-1.2.1 - Authorization Bypass via Partition-Level Operations
Jan 29, 2016
CVSS 8.3
EPSS 0.06
CVE-2015-5259 HIGH
Apache Subversion - Remote Code Execution via Integer Overflow in read_string Function
Jan 08, 2016
CVSS 8.6
EPSS 0.57
CVE-2015-5254 CRITICAL
Apache ActiveMQ <5.13.0 - RCE
Jan 08, 2016
CVSS 9.8
EPSS 0.38
CVE-2015-7430 HIGH
Hadoop connector <2.7.0-3 - Info Disclosure
Jan 02, 2016
CVSS 8.4
EPSS 0.01
CVE-2015-1836 HIGH
IBM InfoSphere BigInsights 3.0-3.0.0.2 - Improper Access Control in ZooKeeper Coordination State
Dec 21, 2015
CVSS 7.3
EPSS 0.07
CVE-2015-1772 HIGH
IBM InfoSphere BigInsights 3.0-3.0.0.2 - Unauthenticated Authentication Bypass via LDAP Bind
Dec 21, 2015
CVSS 7.3
EPSS 0.07
CVE-2015-5204
Apache Cordova File Transfer Plugin <1.3.0 - CRLF Injection
Dec 17, 2015
EPSS 0.03
CVE-2015-6420 CRITICAL
Apache Commons Collections < 3.2.2 and < 4.1 - Remote Code Execution via Deserialization
Dec 15, 2015
CVSS 9.8
EPSS 0.19
CVE-2015-8320
Apache Cordova-Android <3.7.0 - Info Disclosure
Nov 23, 2015
EPSS 0.04
CVE-2015-5256
Apache Cordova-Android <4.1.0 - CSRF
Nov 23, 2015
EPSS 0.04
CVE-2015-5253
Apache CXF <2.7.18, <3.0.7, <3.1.3 - Auth Bypass
Nov 18, 2015
EPSS 0.06
CVE-2015-5214
LibreOffice <4.4.6,5.x <5.0.1 & Apache OpenOffice <4.1.2 - Denial of Service
Nov 10, 2015
EPSS 0.10