apache
3,096 tracked vulnerabilities.
CVE-2015-5349
HIGH
Apache LDAP Studio/Apache Directory Studio <2.0.0-M10 - Command Inj...
Apr 11, 2016
CVSS 7.8
EPSS 0.02
CVE-2015-0266
HIGH
Apache Ranger < 0.5.0 - Authenticated Access Control Bypass via Direct Module URL Access
Apr 11, 2016
CVSS 7.1
EPSS 0.02
CVE-2015-0265
MEDIUM
Apache Ranger < 0.5.0 - Cross-Site Scripting via HTTP User-Agent Header
Apr 11, 2016
CVSS 6.1
EPSS 0.05
CVE-2015-5351
HIGH
Apache Tomcat <7.0.68, <8.0.31, <9.0.0.M2 - CSRF
Feb 25, 2016
CVSS 8.8
EPSS 0.09
CVE-2015-5346
HIGH
Apache Tomcat <7.0.66, 8.0.30, 9.0.0.M2 - Session Fixation
Feb 25, 2016
CVSS 8.1
EPSS 0.11
CVE-2015-5345
MEDIUM
Apache Tomcat <6.0.45-9.0.0.M2 - Info Disclosure
Feb 25, 2016
CVSS 5.3
EPSS 0.18
CVE-2015-5174
MEDIUM
Apache Tomcat 6.x < 6.0.45, 7.x < 7.0.65, 8.x < 8.0.27 - Directory Traversal via Slash Dot Dot
Feb 25, 2016
CVSS 4.3
EPSS 0.13
CVE-2015-8797
MEDIUM
Apache Solr < 5.3.1 - Cross-Site Scripting via Admin UI Stats Page Entry Parameter
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-8796
MEDIUM
Apache Solr < 5.3 - Cross-Site Scripting via Schema Browser URL Parameter
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-8795
MEDIUM
Apache Solr < 5.1.0 - Cross-Site Scripting in Admin UI Analysis and Schema-Browser Pages
Feb 15, 2016
CVSS 6.1
EPSS 0.03
CVE-2015-3252
CRITICAL
Apache CloudStack <4.5.2 - Info Disclosure
Feb 08, 2016
CVSS 9.8
EPSS 0.02
CVE-2015-3251
MEDIUM
Apache CloudStack <4.5.2 - Info Disclosure
Feb 08, 2016
CVSS 4.9
EPSS 0.02
CVE-2015-5344
CRITICAL
Apache Camel <2.15.5, <2.16.1 - Command Injection
Feb 03, 2016
CVSS 9.8
EPSS 0.07
CVE-2015-7521
HIGH
Apache Hive 1.0.0-1.2.1 - Authorization Bypass via Partition-Level Operations
Jan 29, 2016
CVSS 8.3
EPSS 0.06
CVE-2015-5259
HIGH
Apache Subversion - Remote Code Execution via Integer Overflow in read_string Function
Jan 08, 2016
CVSS 8.6
EPSS 0.57
CVE-2015-5254
CRITICAL
Apache ActiveMQ <5.13.0 - RCE
Jan 08, 2016
CVSS 9.8
EPSS 0.38
CVE-2015-7430
HIGH
Hadoop connector <2.7.0-3 - Info Disclosure
Jan 02, 2016
CVSS 8.4
EPSS 0.01
CVE-2015-1836
HIGH
IBM InfoSphere BigInsights 3.0-3.0.0.2 - Improper Access Control in ZooKeeper Coordination State
Dec 21, 2015
CVSS 7.3
EPSS 0.07
CVE-2015-1772
HIGH
IBM InfoSphere BigInsights 3.0-3.0.0.2 - Unauthenticated Authentication Bypass via LDAP Bind
Dec 21, 2015
CVSS 7.3
EPSS 0.07
CVE-2015-5204
Apache Cordova File Transfer Plugin <1.3.0 - CRLF Injection
Dec 17, 2015
EPSS 0.03
CVE-2015-6420
CRITICAL
Apache Commons Collections < 3.2.2 and < 4.1 - Remote Code Execution via Deserialization
Dec 15, 2015
CVSS 9.8
EPSS 0.19
CVE-2015-8320
Apache Cordova-Android <3.7.0 - Info Disclosure
Nov 23, 2015
EPSS 0.04
CVE-2015-5256
Apache Cordova-Android <4.1.0 - CSRF
Nov 23, 2015
EPSS 0.04
CVE-2015-5253
Apache CXF <2.7.18, <3.0.7, <3.1.3 - Auth Bypass
Nov 18, 2015
EPSS 0.06
CVE-2015-5214
LibreOffice <4.4.6,5.x <5.0.1 & Apache OpenOffice <4.1.2 - Denial of Service
Nov 10, 2015
EPSS 0.10
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters