apache

3,096 tracked vulnerabilities.

CVE-2015-0248
Apache Subversion 1.6.0-1.7.19 and 1.8.0-1.8.11 - Denial of Service via Crafted Revision Parameter Combinations
Apr 08, 2015
EPSS 0.13
CVE-2015-0202
Subversion 1.8.0-1.8.11 - Denial of Service via REPORT Requests
Apr 08, 2015
EPSS 0.08
CVE-2015-1773
Apache Flex < 4.14.0 - Cross-Site Scripting via asdoc URI
Apr 08, 2015
EPSS 0.07
CVE-2015-0225
Apache Cassandra 1.2.0-1.2.19, 2.0.0-2.0.13, 2.1.0-2.1.3 - Unauthenticated Remote Code Execution via JMX/RMI Interface
Apr 03, 2015
EPSS 0.07
CVE-2015-0252
Debian Linux < 3.1.1 - Improper Input Validation
Mar 24, 2015
EPSS 0.40
CVE-2015-0250
Canonical Ubuntu Linux < 1.7 - Denial of Service
Mar 24, 2015
EPSS 0.17
CVE-2015-2091
mod-gnutls < 0.5.1 - Unauthenticated Client Certificate Spoofing via mgs_hook_authz
Mar 13, 2015
EPSS 0.03
CVE-2015-0254
Apache Standard Taglibs < 1.2.3 - Remote Code Execution and XML External Entity Injection via JSTL XML Tags
Mar 09, 2015
EPSS 0.13
CVE-2015-0228
Apache HTTP Server < 2.4.12 - Denial of Service via Crafted WebSocket Ping Frame
Mar 08, 2015
EPSS 0.19
CVE-2015-0227
Apache WSS4J < 1.6.17 and 2.x < 2.0.2 - Security Feature Bypass via Wrapping Attacks
Feb 12, 2015
EPSS 0.08
CVE-2015-0223
Apache Qpid < 0.30 - Unauthenticated Access Restriction Bypass via 0-10 Connection Handling
Feb 02, 2015
EPSS 0.07
CVE-2014-4651 CRITICAL
Apache jclouds 1.7.3-1.7.9 - Predictable Temporary File Location
Feb 18, 2020
CVSS 9.8
EPSS 0.02
CVE-2014-0048 CRITICAL
Docker < 1.6.0 - Remote Code Execution via Insecure HTTP Downloads
Jan 02, 2020
CVSS 9.8
EPSS 0.07
CVE-2014-0212 HIGH
Apache Qpid C++ - Denial of Service via ACL Policy File Descriptor Exhaustion
Dec 13, 2019
CVSS 7.5
EPSS 0.03
CVE-2014-0219 MEDIUM
Apache Karaf < 4.0.10 - Denial of Service via Shutdown Command
Nov 15, 2017
CVSS 5.5
EPSS 0.01
CVE-2014-0073 CRITICAL
Apache Cordova In-App-Browser <0.3.2 - RCE
Oct 30, 2017
CVSS 9.8
EPSS 0.08
CVE-2014-0072 HIGH
Apache Cordova File-Transfer < 0.4.1 and Cordova 2.4.0-2.9.0 - SSL Server Spoofing via Default trustAllHosts Setting
Oct 30, 2017
CVSS 7.5
EPSS 0.08
CVE-2014-0115 HIGH
Apache Storm 0.9.0.1 - Path Traversal
Oct 30, 2017
CVSS 7.5
EPSS 0.05
CVE-2014-3624 CRITICAL
Apache Traffic Server 5.1.x - Improper Access Control via CONNECT Request Tunneling
Oct 30, 2017
CVSS 9.8
EPSS 0.04
CVE-2014-3526 HIGH
Apache Wicket < 1.5.12, 6.x < 6.17.0, and 7.x < 7.0.0-M3 - Exposure of Sensitive Information via Page Markup Identifiers
Oct 30, 2017
CVSS 7.5
EPSS 0.02
CVE-2014-3600 CRITICAL
Apache ActiveMQ 5.x < 5.10.1 - XML External Entity Injection via XPath Selector
Oct 27, 2017
CVSS 9.8
EPSS 0.10
CVE-2014-3579 CRITICAL
Apache ActiveMQ Apollo 1.0.0-1.7.0 - XML External Entity Injection via XPath Selector
Oct 27, 2017
CVSS 9.8
EPSS 0.05
CVE-2014-0030 CRITICAL
Apache Roller - XML External Entity Injection
Oct 10, 2017
CVSS 9.8
EPSS 0.17
CVE-2014-0043 MEDIUM
Apache Wicket <1.5.10,6.13.0 - Info Disclosure
Oct 03, 2017
CVSS 5.3
EPSS 0.03
CVE-2014-7808 HIGH
Apache Wicket < 1.5.13, 6.x < 6.19.0, and 7.x < 7.0.0-M5 - Predictable Encrypted URLs via CryptoMapper
Sep 15, 2017
CVSS 7.5
EPSS 0.01