apache

3,096 tracked vulnerabilities.

CVE-2014-3582 CRITICAL
Apache Ambari 1.2.0-2.2.2 - OS Command Injection via SSL Certificate Generation
Mar 29, 2017
CVSS 9.8
EPSS 0.02
CVE-2014-0229 MEDIUM
Apache Hadoop <0.23.11 & 2.<2.4.1 - DoS
Mar 23, 2017
CVSS 6.5
EPSS 0.02
CVE-2014-3612
Apache ActiveMQ 5.0.0-5.10.0 - Unauthenticated Authentication Bypass via Empty Password
Aug 24, 2015
EPSS 0.07
CVE-2014-1972
Apache Tapestry <5.3.6 - DoS/Code Injection
Aug 22, 2015
EPSS 0.10
CVE-2014-3576 HIGH
Apache ActiveMQ < 5.11.0 - Unauthenticated Denial of Service via Shutdown Command
Aug 14, 2015
CVSS 7.5
EPSS 0.13
CVE-2014-7810
Debian Linux < 6.0.44 - Improper Access Control
Jun 07, 2015
EPSS 0.14
CVE-2014-0230
Apache Tomcat <6.0.44, 7.x <7.0.55, 8.x <8.0.9 - DoS
Jun 07, 2015
EPSS 0.20
CVE-2014-8111
Apache Tomcat Connectors < 1.2.40 - Exposure of Sensitive Information via JkUnmount Rule Bypass
Apr 21, 2015
EPSS 0.07
CVE-2014-0227
Apache Tomcat <6.0.42, <7.0.55, <8.0.9 - DoS
Feb 16, 2015
EPSS 0.21
CVE-2014-8110
Apache ActiveMQ 5.x < 5.10.1 - Cross-Site Scripting in Web Administration Console
Feb 12, 2015
EPSS 0.07
CVE-2014-8152
Apache Santuario XML Security for Java 2.0.0-2.0.2 - XML Signature Protection Bypass via Crafted XML Document
Jan 21, 2015
EPSS 0.06
CVE-2014-9593
Apache CloudStack <4.3.2, <4.4.2 - Info Disclosure
Jan 15, 2015
EPSS 0.03
CVE-2014-10022
Apache Traffic Server < 5.1.1 - Denial of Service via Internal Buffer Sizing
Jan 13, 2015
EPSS 0.06
CVE-2014-9527
Apache POI <3.11 - DoS
Jan 06, 2015
EPSS 0.08
CVE-2014-3628
Apache Solr 4.0.0-4.10.2 - Cross-Site Scripting via Admin UI Stats Page
Jan 06, 2015
EPSS 0.05
CVE-2014-8109
Apache HTTP Server 2.3.x and 2.4.x <= 2.4.10 - Incorrect Authorization via mod_lua Module
Dec 29, 2014
EPSS 0.22
CVE-2014-8108
Redhat Enterprise Linux Desktop - Denial of Service
Dec 18, 2014
EPSS 0.10
CVE-2014-3580
Redhat Enterprise Linux Desktop - Denial of Service
Dec 18, 2014
EPSS 0.11
CVE-2014-3583
Apple Mac OS X - Memory Corruption
Dec 15, 2014
EPSS 0.11
CVE-2014-7809
Apache Struts 2.0.0-2.3.x - Cross-Site Request Forgery via Predictable Token Values
Dec 10, 2014
EPSS 0.03
CVE-2014-7807
Apache CloudStack 4.3.x < 4.3.2 and 4.4.x < 4.4.2 - Unauthenticated Authentication Bypass via Login Request
Dec 10, 2014
EPSS 0.03
CVE-2014-3627
Apache Hadoop 0.23.0-0.23.11 and 2.x < 2.5.2 - Symlink Attack via Public Tar Archive Localization
Dec 05, 2014
EPSS 0.03
CVE-2014-3629
Apache Qpid 0.30 - XML External Entity Injection via XML Exchange Module
Nov 17, 2014
EPSS 0.07
CVE-2014-0228
Apache Hive <0.13.1 - Info Disclosure
Nov 16, 2014
EPSS 0.03
CVE-2014-3502
Apache Cordova Android - Exposure of Sensitive Information via Crafted URI Scheme
Nov 15, 2014
EPSS 0.05