apache
3,096 tracked vulnerabilities.
CVE-2014-3582
CRITICAL
Apache Ambari 1.2.0-2.2.2 - OS Command Injection via SSL Certificate Generation
Mar 29, 2017
CVSS 9.8
EPSS 0.02
CVE-2014-0229
MEDIUM
Apache Hadoop <0.23.11 & 2.<2.4.1 - DoS
Mar 23, 2017
CVSS 6.5
EPSS 0.02
CVE-2014-3612
Apache ActiveMQ 5.0.0-5.10.0 - Unauthenticated Authentication Bypass via Empty Password
Aug 24, 2015
EPSS 0.07
CVE-2014-1972
Apache Tapestry <5.3.6 - DoS/Code Injection
Aug 22, 2015
EPSS 0.10
CVE-2014-3576
HIGH
Apache ActiveMQ < 5.11.0 - Unauthenticated Denial of Service via Shutdown Command
Aug 14, 2015
CVSS 7.5
EPSS 0.13
CVE-2014-7810
Debian Linux < 6.0.44 - Improper Access Control
Jun 07, 2015
EPSS 0.14
CVE-2014-0230
Apache Tomcat <6.0.44, 7.x <7.0.55, 8.x <8.0.9 - DoS
Jun 07, 2015
EPSS 0.20
CVE-2014-8111
Apache Tomcat Connectors < 1.2.40 - Exposure of Sensitive Information via JkUnmount Rule Bypass
Apr 21, 2015
EPSS 0.07
CVE-2014-0227
Apache Tomcat <6.0.42, <7.0.55, <8.0.9 - DoS
Feb 16, 2015
EPSS 0.21
CVE-2014-8110
Apache ActiveMQ 5.x < 5.10.1 - Cross-Site Scripting in Web Administration Console
Feb 12, 2015
EPSS 0.07
CVE-2014-8152
Apache Santuario XML Security for Java 2.0.0-2.0.2 - XML Signature Protection Bypass via Crafted XML Document
Jan 21, 2015
EPSS 0.06
CVE-2014-9593
Apache CloudStack <4.3.2, <4.4.2 - Info Disclosure
Jan 15, 2015
EPSS 0.03
CVE-2014-10022
Apache Traffic Server < 5.1.1 - Denial of Service via Internal Buffer Sizing
Jan 13, 2015
EPSS 0.06
CVE-2014-9527
Apache POI <3.11 - DoS
Jan 06, 2015
EPSS 0.08
CVE-2014-3628
Apache Solr 4.0.0-4.10.2 - Cross-Site Scripting via Admin UI Stats Page
Jan 06, 2015
EPSS 0.05
CVE-2014-8109
Apache HTTP Server 2.3.x and 2.4.x <= 2.4.10 - Incorrect Authorization via mod_lua Module
Dec 29, 2014
EPSS 0.22
CVE-2014-8108
Redhat Enterprise Linux Desktop - Denial of Service
Dec 18, 2014
EPSS 0.10
CVE-2014-3580
Redhat Enterprise Linux Desktop - Denial of Service
Dec 18, 2014
EPSS 0.11
CVE-2014-3583
Apple Mac OS X - Memory Corruption
Dec 15, 2014
EPSS 0.11
CVE-2014-7809
Apache Struts 2.0.0-2.3.x - Cross-Site Request Forgery via Predictable Token Values
Dec 10, 2014
EPSS 0.03
CVE-2014-7807
Apache CloudStack 4.3.x < 4.3.2 and 4.4.x < 4.4.2 - Unauthenticated Authentication Bypass via Login Request
Dec 10, 2014
EPSS 0.03
CVE-2014-3627
Apache Hadoop 0.23.0-0.23.11 and 2.x < 2.5.2 - Symlink Attack via Public Tar Archive Localization
Dec 05, 2014
EPSS 0.03
CVE-2014-3629
Apache Qpid 0.30 - XML External Entity Injection via XML Exchange Module
Nov 17, 2014
EPSS 0.07
CVE-2014-0228
Apache Hive <0.13.1 - Info Disclosure
Nov 16, 2014
EPSS 0.03
CVE-2014-3502
Apache Cordova Android - Exposure of Sensitive Information via Crafted URI Scheme
Nov 15, 2014
EPSS 0.05
Products
http_server 330
tomcat 263
airflow 143
struts 90
traffic_server 82
ofbiz 76
camel 75
activemq 72
superset 68
openoffice 60
cxf 57
nifi 50
solr 47
subversion 47
cloudstack 45
hadoop 37
dolphinscheduler 32
inlong 32
openmeetings 29
ambari 26
apisix 25
tika 25
jspwiki 24
kylin 24
shiro 24
fineract 23
geode 23
spark 22
wicket 22
zeppelin 22
Quick Filters