apache
3,096 tracked vulnerabilities.
CVE-2015-0248
Apache Subversion 1.6.0-1.7.19 and 1.8.0-1.8.11 - Denial of Service via Crafted Revision Parameter Combinations
Apr 08, 2015
EPSS 0.13
CVE-2015-0202
Subversion 1.8.0-1.8.11 - Denial of Service via REPORT Requests
Apr 08, 2015
EPSS 0.08
CVE-2015-1773
Apache Flex < 4.14.0 - Cross-Site Scripting via asdoc URI
Apr 08, 2015
EPSS 0.07
CVE-2015-0225
Apache Cassandra 1.2.0-1.2.19, 2.0.0-2.0.13, 2.1.0-2.1.3 - Unauthenticated Remote Code Execution via JMX/RMI Interface
Apr 03, 2015
EPSS 0.07
CVE-2015-0252
Debian Linux < 3.1.1 - Improper Input Validation
Mar 24, 2015
EPSS 0.40
CVE-2015-0250
Canonical Ubuntu Linux < 1.7 - Denial of Service
Mar 24, 2015
EPSS 0.17
CVE-2015-2091
mod-gnutls < 0.5.1 - Unauthenticated Client Certificate Spoofing via mgs_hook_authz
Mar 13, 2015
EPSS 0.03
CVE-2015-0254
Apache Standard Taglibs < 1.2.3 - Remote Code Execution and XML External Entity Injection via JSTL XML Tags
Mar 09, 2015
EPSS 0.13
CVE-2015-0228
Apache HTTP Server < 2.4.12 - Denial of Service via Crafted WebSocket Ping Frame
Mar 08, 2015
EPSS 0.19
CVE-2015-0227
Apache WSS4J < 1.6.17 and 2.x < 2.0.2 - Security Feature Bypass via Wrapping Attacks
Feb 12, 2015
EPSS 0.08
CVE-2015-0223
Apache Qpid < 0.30 - Unauthenticated Access Restriction Bypass via 0-10 Connection Handling
Feb 02, 2015
EPSS 0.07
CVE-2014-4651
CRITICAL
Apache jclouds 1.7.3-1.7.9 - Predictable Temporary File Location
Feb 18, 2020
CVSS 9.8
EPSS 0.02
CVE-2014-0048
CRITICAL
Docker < 1.6.0 - Remote Code Execution via Insecure HTTP Downloads
Jan 02, 2020
CVSS 9.8
EPSS 0.07
CVE-2014-0212
HIGH
Apache Qpid C++ - Denial of Service via ACL Policy File Descriptor Exhaustion
Dec 13, 2019
CVSS 7.5
EPSS 0.03
CVE-2014-0219
MEDIUM
Apache Karaf < 4.0.10 - Denial of Service via Shutdown Command
Nov 15, 2017
CVSS 5.5
EPSS 0.01
CVE-2014-0073
CRITICAL
Apache Cordova In-App-Browser <0.3.2 - RCE
Oct 30, 2017
CVSS 9.8
EPSS 0.08
CVE-2014-0072
HIGH
Apache Cordova File-Transfer < 0.4.1 and Cordova 2.4.0-2.9.0 - SSL Server Spoofing via Default trustAllHosts Setting
Oct 30, 2017
CVSS 7.5
EPSS 0.08
CVE-2014-0115
HIGH
Apache Storm 0.9.0.1 - Path Traversal
Oct 30, 2017
CVSS 7.5
EPSS 0.05
CVE-2014-3624
CRITICAL
Apache Traffic Server 5.1.x - Improper Access Control via CONNECT Request Tunneling
Oct 30, 2017
CVSS 9.8
EPSS 0.04
CVE-2014-3526
HIGH
Apache Wicket < 1.5.12, 6.x < 6.17.0, and 7.x < 7.0.0-M3 - Exposure of Sensitive Information via Page Markup Identifiers
Oct 30, 2017
CVSS 7.5
EPSS 0.02
CVE-2014-3600
CRITICAL
Apache ActiveMQ 5.x < 5.10.1 - XML External Entity Injection via XPath Selector
Oct 27, 2017
CVSS 9.8
EPSS 0.10
CVE-2014-3579
CRITICAL
Apache ActiveMQ Apollo 1.0.0-1.7.0 - XML External Entity Injection via XPath Selector
Oct 27, 2017
CVSS 9.8
EPSS 0.05
CVE-2014-0030
CRITICAL
Apache Roller - XML External Entity Injection
Oct 10, 2017
CVSS 9.8
EPSS 0.17
CVE-2014-0043
MEDIUM
Apache Wicket <1.5.10,6.13.0 - Info Disclosure
Oct 03, 2017
CVSS 5.3
EPSS 0.03
CVE-2014-7808
HIGH
Apache Wicket < 1.5.13, 6.x < 6.19.0, and 7.x < 7.0.0-M5 - Predictable Encrypted URLs via CryptoMapper
Sep 15, 2017
CVSS 7.5
EPSS 0.01
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters