Apache 2 powers over 10,500 websites worldwide, making it one of the most widely deployed web servers on the internet. However, this popularity also makes it a prime target for cybercriminals. Our research has identified 1,097 known vulnerabilities in Apache 2, including 178 critical-severity flaws that could lead to complete server compromise, data theft, and unauthorized access.
If your website runs on Apache 2, you could be at immediate risk. Critical vulnerabilities like CVE-2021-44228 (the Log4j2 exploit) and CVE-2009-3555 (TLS protocol flaw) have been actively exploited in real-world attacks. The good news? Most vulnerabilities are preventable with proper patching and configuration hardening.
This guide will walk you through identifying vulnerable Apache 2 installations, understanding the top threats, and implementing fixes to secure your server.
Apache 2 (Apache HTTP Server version 2.x) is a free, open-source web server that serves websites and applications across the internet. It's known for its reliability, flexibility, and ability to handle high traffic loads. Apache 2 works by receiving requests from users' browsers and delivering web content—everything from HTML pages to dynamic applications. Organizations choose Apache 2 because it's stable, well-documented, and runs on virtually every operating system.
Like any software, Apache 2 requires ongoing maintenance and security updates. Vulnerabilities are discovered regularly in Apache 2 itself and in the libraries it depends on (like Log4j2 and Commons Configuration). When a vulnerability is discovered, Apache releases a patch. However, many website administrators delay or skip updates, leaving their servers exposed. This creates a significant security gap that attackers actively exploit.
1,097 CVEs found. The most critical are explained below.
Apache Commons Configuration has a vulnerability where it can be tricked into running malicious code hidden inside YAML configuration files. If your website processes YAML files from untrusted sources, attackers could inject commands that execute on your server.
Impact: An attacker could gain control of your server, steal data, install malware, or shut down your website.
Log4j2 is logging software that many Apache applications use to record events. This critical flaw allows attackers to execute code remotely by embedding malicious instructions in log messages. It is one of the most serious vulnerabilities discovered in recent years.
Impact: Attackers can take complete control of your server without needing any special access. This vulnerability has been actively exploited in the wild.
This vulnerability exists in the process that sets up the encrypted connection between your website and visitors' browsers. An attacker can manipulate this initial negotiation to intercept or modify data that should be protected.
Impact: Visitor data including passwords and payment information could be intercepted or modified during transmission, compromising customer security.
Apache CXF processes XML messages from web services but doesn't properly validate them. An attacker can craft special XML messages that trick your server into reading files it shouldn't or making unauthorized network requests.
Impact: Sensitive files could be exposed, your server could be used to attack other systems, or internal data could be stolen.
Apache Struts has a weakness in how it handles errors. When the application encounters certain errors, it incorrectly processes user input as executable code rather than as plain text data.
Impact: Attackers can execute arbitrary code on your server by submitting specially crafted form data, potentially compromising your entire website.
Apache Struts allows attackers to inject malicious expressions into web requests. These expressions are interpreted as code instructions rather than normal user input, allowing remote code execution.
Impact: Attackers can execute any code they want on your server without authentication, giving them complete control over your website and data.
| CVE ID | Severity | Score | Published | Description |
|---|---|---|---|---|
| CVE-2015-3253 | CRITICAL | 9.8 | 2015-08-13 | The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a cra… |
| CVE-2015-5344 | CRITICAL | 9.8 | 2016-02-03 | The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an … |
| CVE-2016-3082 | CRITICAL | 9.8 | 2016-04-26 | XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet locati… |
| CVE-2016-1114 | CRITICAL | 9.8 | 2016-05-11 | Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, rela… |
| CVE-2016-3087 | CRITICAL | 9.8 | 2016-06-07 | Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors… |
| CVE-2016-4438 | CRITICAL | 9.8 | 2016-07-04 | The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. |
| CVE-2016-4436 | CRITICAL | 9.8 | 2016-10-03 | Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up. |
| CVE-2016-5019 | CRITICAL | 9.8 | 2016-10-03 | CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserial… |
| CVE-2017-5638 | CRITICAL | 9.8 | 2017-03-11 | The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload atte… |
| CVE-2017-5645 | CRITICAL | 9.8 | 2017-04-17 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary paylo… |
| CVE-2017-3066 | CRITICAL | 9.8 | 2017-04-27 | Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier have a Java deserialization vulnerability in the Apache BlazeD… |
| CVE-2017-3167 | CRITICAL | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authenticatio… |
| CVE-2017-3169 | CRITICAL | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP reque… |
| CVE-2017-7679 | CRITICAL | 9.8 | 2017-06-20 | In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. |
| CVE-2017-9791 | CRITICAL | 9.8 | 2017-07-10 | The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. |
| CVE-2017-5640 | CRITICAL | 9.8 | 2017-07-10 | It was noticed that a malicious process impersonating an Impala daemon in Apache Impala (incubating) 2.7.0 to 2.8.0 could cause Impala daemons to skip authentication checks when K… |
| CVE-2012-0803 | CRITICAL | 9.8 | 2017-08-08 | The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request. |
| CVE-2016-3086 | CRITICAL | 9.8 | 2017-09-05 | The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications. |
| CVE-2016-6795 | CRITICAL | 9.8 | 2017-09-20 | In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution … |
| CVE-2017-12611 | CRITICAL | 9.8 | 2017-09-20 | In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack. |
| CVE-2012-4449 | CRITICAL | 9.8 | 2017-10-30 | Apache Hadoop before 0.23.4, 1.x before 1.0.4, and 2.x before 2.0.2 generate token passwords using a 20-bit secret when Kerberos security features are enabled, which makes it easi… |
| CVE-2014-0073 | CRITICAL | 9.8 | 2017-10-30 | The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from … |
| CVE-2017-12635 | CRITICAL | 9.8 | 2017-11-14 | Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents … |
| CVE-2017-12633 | CRITICAL | 9.8 | 2017-11-15 | The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data c… |
| CVE-2017-12634 | CRITICAL | 9.8 | 2017-11-15 | The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-serializing untrusted data ca… |
| CVE-2017-15708 | CRITICAL | 9.8 | 2017-12-11 | In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.… |
| CVE-2016-6814 | CRITICAL | 9.8 | 2018-01-18 | When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. t… |
| CVE-2017-15718 | CRITICAL | 9.8 | 2018-01-24 | The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications. |
| CVE-2018-1297 | CRITICAL | 9.8 | 2018-02-13 | When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unaut… |
| CVE-2018-1287 | CRITICAL | 9.8 | 2018-02-14 | In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeter… |
| CVE-2018-1312 | CRITICAL | 9.8 | 2018-03-26 | In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random… |
| CVE-2018-1295 | CRITICAL | 9.8 | 2018-04-02 | In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary co… |
| CVE-2018-8018 | CRITICAL | 9.8 | 2018-07-20 | In Apache Ignite before 2.4.8 and 2.5.x before 2.5.3, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possibl… |
| CVE-2018-8027 | CRITICAL | 9.8 | 2018-07-31 | Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor. |
| CVE-2011-2767 | CRITICAL | 9.8 | 2018-08-26 | mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no confi… |
| CVE-2019-0228 | CRITICAL | 9.8 | 2019-04-17 | Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. |
| CVE-2018-17198 | CRITICAL | 9.8 | 2019-05-28 | Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML… |
| CVE-2018-11773 | CRITICAL | 9.8 | 2019-07-29 | Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in… |
| CVE-2019-17531 | CRITICAL | 9.8 | 2019-10-12 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an ex… |
| CVE-2011-3923 | CRITICAL | 9.8 | 2019-11-01 | Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands. |
| CVE-2019-17564 | CRITICAL | 9.8 | 2020-04-01 | Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a… |
| CVE-2020-1959 | CRITICAL | 9.8 | 2020-05-04 | A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote C… |
| CVE-2020-1961 | CRITICAL | 9.8 | 2020-05-04 | Vulnerability to Server-Side Template Injection on Mail templates for Apache Syncope 2.0.X releases prior to 2.0.15, 2.1.X releases prior to 2.1.6, enabling attackers to inject ar… |
| CVE-2018-1285 | CRITICAL | 9.8 | 2020-05-11 | Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept … |
| CVE-2020-11972 | CRITICAL | 9.8 | 2020-05-14 | Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x… |
| CVE-2020-11973 | CRITICAL | 9.8 | 2020-05-14 | Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x us… |
| CVE-2020-9480 | CRITICAL | 9.8 | 2020-06-23 | In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, howev… |
| CVE-2020-11984 | CRITICAL | 9.8 | 2020-08-07 | Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE |
| CVE-2020-5777 | CRITICAL | 9.8 | 2020-09-01 | MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote a… |
| CVE-2019-0230 | CRITICAL | 9.8 | 2020-09-14 | Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. |
| CVE-2020-17531 | CRITICAL | 9.8 | 2020-12-08 | A Java Serialization vulnerability was found in Apache Tapestry 4. Apache Tapestry 4 will attempt to deserialize the "sp" parameter even before invoking the page's validate method… |
| CVE-2020-17530 | CRITICAL | 9.8 | 2020-12-11 | Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25. |
| CVE-2020-11995 | CRITICAL | 9.8 | 2021-01-11 | A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default seriali… |
| CVE-2021-25641 | CRITICAL | 9.8 | 2021-06-01 | Each Apache Dubbo server will set a serialization id to tell the clients which serialization protocol it is working on. But for Dubbo versions before 2.7.8 or 2.6.9, an attacker c… |
| CVE-2021-30179 | CRITICAL | 9.8 | 2021-06-01 | Apache Dubbo prior to 2.6.9 and 2.7.9 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter whi… |
| CVE-2021-30180 | CRITICAL | 9.8 | 2021-06-01 | Apache Dubbo prior to 2.7.9 support Tag routing which will enable a customer to route the request to the right server. These rules are used by the customers when making a request … |
| CVE-2021-30181 | CRITICAL | 9.8 | 2021-06-01 | Apache Dubbo prior to 2.6.9 and 2.7.9 supports Script routing which will enable a customer to route the request to the right server. These rules are used by the customers when mak… |
| CVE-2021-26691 | CRITICAL | 9.8 | 2021-06-10 | In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow |
| CVE-2020-9493 | CRITICAL | 9.8 | 2021-06-16 | A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution. |
| CVE-2021-36163 | CRITICAL | 9.8 | 2021-09-07 | In Apache Dubbo, users may choose to use the Hessian protocol. The Hessian protocol is implemented on top of HTTP and passes the body of a POST request directly to a HessianSkelet… |
| CVE-2021-30690 | CRITICAL | 9.8 | 2021-09-08 | Multiple issues in apache were addressed by updating apache to version 2.4.46. This issue is fixed in Security Update 2021-004 Mojave. Multiple issues in apache. |
| CVE-2021-36161 | CRITICAL | 9.8 | 2021-09-09 | Some component in Dubbo will try to print the formated string of the input arguments, which will possibly cause RCE for a maliciously customized bean with special toString method.… |
| CVE-2021-37579 | CRITICAL | 9.8 | 2021-09-09 | The Dubbo Provider will check the incoming request and the corresponding serialization type of this request meet the configuration set by the server. But there's an exception that… |
| CVE-2021-39275 | CRITICAL | 9.8 | 2021-09-16 | ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules … |
| CVE-2021-41773 | CRITICAL | 9.8 | 2021-10-05 | A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories co… |
| CVE-2021-42013 | CRITICAL | 9.8 | 2021-10-07 | It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the director… |
| CVE-2021-38294 | CRITICAL | 9.8 | 2021-10-25 | A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift r… |
| CVE-2021-40865 | CRITICAL | 9.8 | 2021-10-25 | An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users… |
| CVE-2021-37580 | CRITICAL | 9.8 | 2021-11-16 | A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and … |
| CVE-2021-20038 | CRITICAL | 9.8 | 2021-12-08 | A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute co… |
| CVE-2021-44790 | CRITICAL | 9.8 | 2021-12-20 | A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an expl… |
| CVE-2021-45232 | CRITICAL | 9.8 | 2021-12-27 | In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin`, all APIs and authentication middl… |
| CVE-2021-31522 | CRITICAL | 9.8 | 2022-01-06 | Kylin can receive user input and load any class through Class.forName(...). This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and pr… |
| CVE-2021-43297 | CRITICAL | 9.8 | 2022-01-10 | A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the d… |
| CVE-2022-23305 | CRITICAL | 9.8 | 2022-01-18 | By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message con… |
| CVE-2021-45029 | CRITICAL | 9.8 | 2022-01-25 | Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1. |
| CVE-2022-23640 | CRITICAL | 9.8 | 2022-03-02 | Excel-Streaming-Reader is an easy-to-use implementation of a streaming Excel reader using Apache POI. Prior to xlsx-streamer 2.1.0, the XML parser that was used did apply all the … |
| CVE-2022-22720 | CRITICAL | 9.8 | 2022-03-14 | Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling |
| CVE-2022-23943 | CRITICAL | 9.8 | 2022-03-14 | Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP… |
| CVE-2022-25757 | CRITICAL | 9.8 | 2022-03-28 | In Apache APISIX before 2.13.0, when decoding JSON with duplicate keys, lua-cjson will choose the last occurred value as the result. By passing a JSON with a duplicate key, the at… |
| CVE-2021-31805 | CRITICAL | 9.8 | 2022-04-12 | The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applie… |
| CVE-2022-31813 | CRITICAL | 9.8 | 2022-06-09 | Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to … |
| CVE-2021-37404 | CRITICAL | 9.8 | 2022-06-13 | There is a potential heap buffer overflow in Apache Hadoop libhdfs native code. Opening a file path provided by user without validation may result in a denial of service or arbitr… |
| CVE-2022-33980 | CRITICAL | 9.8 | 2022-07-06 | Apache Commons Configuration performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name… |
| CVE-2022-35741 | CRITICAL | 9.8 | 2022-07-18 | Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin… |
| CVE-2022-25168 | CRITICAL | 9.8 | 2022-08-04 | Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used i… |
| CVE-2022-38054 | CRITICAL | 9.8 | 2022-09-02 | In Apache Airflow versions 2.2.4 through 2.3.3, the `database` webserver session backend was susceptible to session fixation. |
| CVE-2022-39198 | CRITICAL | 9.8 | 2022-10-18 | A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 and its earlier versions, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x … |
| CVE-2022-45136 | CRITICAL | 9.8 | 2022-11-14 | Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to r… |
| CVE-2022-45047 | CRITICAL | 9.8 | 2022-11-16 | Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The c… |
| CVE-2022-38649 | CRITICAL | 9.8 | 2022-11-22 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to con… |
| CVE-2022-40189 | CRITICAL | 9.8 | 2022-11-22 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pig Provider, Apache Airflow allows an attacker to contr… |
| CVE-2021-32824 | CRITICAL | 9.8 | 2023-01-03 | Apache Dubbo is a java based, open source RPC framework. Versions prior to 2.6.10 and 2.7.10 are vulnerable to pre-auth remote code execution via arbitrary bean manipulation in th… |
| CVE-2023-22884 | CRITICAL | 9.8 | 2023-01-21 | Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache Airflow, Apache Software Foundation Apache A… |
| CVE-2023-25613 | CRITICAL | 9.8 | 2023-02-20 | An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3. |
| CVE-2023-25690 | CRITICAL | 9.8 | 2023-03-07 | Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled … |
| CVE-2023-28326 | CRITICAL | 9.8 | 2023-03-28 | Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.0.0 before 7.0.0 Description: Attacker can elevate their privileges in any room |
| CVE-2022-45802 | CRITICAL | 9.8 | 2023-05-01 | Streampark allows any users to upload a jar as application, but there is no mandatory verification of the uploaded file type, causing users to upload some high-risk files, and may… |
| CVE-2023-31039 | CRITICAL | 9.8 | 2023-05-08 | Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file. An attacker that can influence the ServerOpti… |
| CVE-2023-25754 | CRITICAL | 9.8 | 2023-05-08 | Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0. |
| CVE-2022-47937 | CRITICAL | 9.8 | 2023-05-15 | Improper input validation in the Apache Sling Commons JSON bundle allows an attacker to trigger unexpected errors by supplying specially-crafted input. The org.apache.sling.commo… |
| CVE-2019-19791 | CRITICAL | 9.8 | 2023-05-29 | In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP Server configuration does not properly restrict access to SOAP/REST endpoints (when some LemonLDAP::NG se… |
| CVE-2023-34340 | CRITICAL | 9.8 | 2023-06-21 | Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authe… |
| CVE-2023-34478 | CRITICAL | 9.8 | 2023-07-24 | Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path traversal attack that results in an authentication bypass when used together with APIs or other web fram… |
| CVE-2023-40743 | CRITICAL | 9.8 | 2023-09-05 | ** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allo… |
| CVE-2022-45135 | CRITICAL | 9.8 | 2023-11-30 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Use… |
| CVE-2023-49733 | CRITICAL | 9.8 | 2023-11-30 | Improper Restriction of XML External Entity Reference vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0. Users are recommended to upgrade t… |
| CVE-2023-41313 | CRITICAL | 9.8 | 2024-03-12 | The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this is… |
| CVE-2024-27438 | CRITICAL | 9.8 | 2024-03-21 | Download of Code Without Integrity Check vulnerability in Apache Doris. The jdbc driver files used for JDBC catalog is not checked and may resulting in remote command execution. O… |
| CVE-2024-38474 | CRITICAL | 9.8 | 2024-07-01 | Substitution encoding issue in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not direct… |
| CVE-2024-38476 | CRITICAL | 9.8 | 2024-07-01 | Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response hea… |
| CVE-2024-42447 | CRITICAL | 9.8 | 2024-08-05 | Insufficient Session Expiration vulnerability in Apache Airflow Providers FAB. This issue affects Apache Airflow Providers FAB: 1.2.1 (when used with Apache Airflow 2.9.3) and FA… |
| CVE-2024-7923 | CRITICAL | 9.8 | 2024-09-04 | An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue ari… |
| CVE-2024-22399 | CRITICAL | 9.8 | 2024-09-16 | Deserialization of Untrusted Data vulnerability in Apache Seata. When developers disable authentication on the Seata-Server and do not use the Seata client SDK dependencies, the… |
| CVE-2024-53677 | CRITICAL | 9.8 | 2024-12-11 | File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a mal… |
| CVE-2024-56337 | CRITICAL | 9.8 | 2024-12-20 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33,… |
| CVE-2024-52046 | CRITICAL | 9.8 | 2024-12-25 | The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses.… |
| CVE-2024-54676 | CRITICAL | 9.8 | 2025-01-08 | Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0 Description: Default clustering instructions at https://openmeetings.apach… |
| CVE-2024-55532 | CRITICAL | 9.8 | 2025-03-03 | Improper Neutralization of Formula Elements in Export CSV feature of Apache Ranger in Apache Ranger Version < 2.6.0. Users are recommended to upgrade to version 2.6.0, which fixes… |
| CVE-2024-47552 | CRITICAL | 9.8 | 2025-03-20 | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): from 2.0.0 before 2.2.0. Severity Justificati… |
| CVE-2025-29953 | CRITICAL | 9.8 | 2025-04-18 | Deserialization of Untrusted Data vulnerability in Apache ActiveMQ NMS OpenWire Client. This issue affects Apache ActiveMQ NMS OpenWire Client before 2.1.1 when performing connec… |
| CVE-2025-47436 | CRITICAL | 9.8 | 2025-05-14 | Heap-based Buffer Overflow vulnerability in Apache ORC. A vulnerability has been identified in the ORC C++ LZO decompression logic, where specially crafted malformed ORC files ca… |
| CVE-2025-27531 | CRITICAL | 9.8 | 2025-06-06 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 before 2.1.0, this issue would allow an authenticated attacker … |
| CVE-2025-32897 | CRITICAL | 9.8 | 2025-06-28 | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This security vulnerability is the same as CVE-2024-47552, but the version range described in the CV… |
| CVE-2025-53606 | CRITICAL | 9.8 | 2025-08-08 | Deserialization of Untrusted Data vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): 2.4.0. Users are recommended to upgrade to version 2.… |
| CVE-2025-54466 | CRITICAL | 9.8 | 2025-08-15 | Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 o… |
| CVE-2025-54539 | CRITICAL | 9.8 | 2025-10-16 | A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2… |
| CVE-2025-54947 | CRITICAL | 9.8 | 2025-12-12 | In Apache StreamPark versions 2.0.0 through 2.1.7, a security vulnerability involving a hard-coded encryption key exists. This vulnerability occurs because the system uses a fixed… |
| CVE-2025-46295 | CRITICAL | 9.8 | 2025-12-16 | Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because … |
| CVE-2025-67895 | CRITICAL | 9.8 | 2025-12-17 | Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow Providers Edge3: before 2.0.0 - and only if you installed and configured it on Airflow 2. The Edge3 provid… |
| CVE-2025-60021 | CRITICAL | 9.8 | 2026-01-16 | Remote command injection vulnerability in the heap profiler builtin service in Apache bRPC (all versions < 1.15.0) on all platforms allows an attacker to inject remote commands. Root… |
| CVE-2025-59059 | CRITICAL | 9.8 | 2026-03-03 | Remote Code Execution Vulnerability in NashornScriptEngineCreator is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes th… |
| CVE-2026-27446 | CRITICAL | 9.8 | 2026-03-04 | Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to fo… |
| CVE-2026-24015 | CRITICAL | 9.8 | 2026-03-09 | A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, w… |
| CVE-2026-24713 | CRITICAL | 9.8 | 2026-03-09 | Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to v… |
| CVE-2026-39920 | CRITICAL | 9.8 | 2026-04-24 | BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that all… |
| CVE-2026-41635 | CRITICAL | 9.8 | 2026-04-27 | Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing the classname a… |
| CVE-2026-41409 | CRITICAL | 9.8 | 2026-04-27 | The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a s… |
| CVE-2026-42778 | CRITICAL | 9.8 | 2026-05-01 | The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer… |
| CVE-2026-42779 | CRITICAL | 9.8 | 2026-05-01 | The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: Apache MINA's AbstractIoBuffer.resolveClass() conta… |
| CVE-2026-42027 | CRITICAL | 9.8 | 2026-05-04 | Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The ExtensionLoader.in… |
| CVE-2026-28780 | CRITICAL | 9.8 | 2026-05-05 | Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP messa… |
| CVE-2026-45434 | CRITICAL | 9.8 | 2026-05-19 | Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This issue affects Apache OFBiz: before 24.09.06. Users are… |
| CVE-2023-30429 | CRITICAL | 9.6 | 2023-07-12 | Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. When a client connects to the Pul… |
| CVE-2023-49657 | CRITICAL | 9.6 | 2024-01-23 | A stored cross-site scripting (XSS) vulnerability exists in Apache Superset before 3.0.3. An authenticated attacker with create/update permissions on charts or dashboards could st… |
| CVE-2026-39962 | CRITICAL | 9.6 | 2026-04-09 | MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDA… |
| CVE-2026-23941 | CRITICAL | 9.4 | 2026-03-13 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is asso… |
| CVE-2017-9788 | CRITICAL | 9.1 | 2017-07-13 | In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between succe… |
| CVE-2018-1282 | CRITICAL | 9.1 | 2018-04-05 | This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in Prepare… |
| CVE-2019-10082 | CRITICAL | 9.1 | 2019-09-26 | In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. |
| CVE-2021-44140 | CRITICAL | 9.1 | 2021-11-24 | Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefully crafted http request on logout, given that those … |
| CVE-2022-23944 | CRITICAL | 9.1 | 2022-01-25 | User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1. |
| CVE-2022-25312 | CRITICAL | 9.1 | 2022-03-05 | An XML external entity (XXE) injection vulnerability was discovered in the Any23 RDFa XSLTStylesheet extractor and is known to affect Any23 versions < 2.7. XML external entity inj… |
| CVE-2022-22721 | CRITICAL | 9.1 | 2022-03-14 | If LimitXMLRequestBody is set to allow request bodies larger than 350MB (the default is 1M) on 32-bit systems, an integer overflow happens which later causes out-of-bounds writes. Thi… |
| CVE-2022-28615 | CRITICAL | 9.1 | 2022-06-09 | Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While … |
| CVE-2022-37865 | CRITICAL | 9.1 | 2022-11-07 | With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts usin… |
| CVE-2022-46365 | CRITICAL | 9.1 | 2023-05-01 | Apache StreamPark 1.0.0 before 2.0.0: when a user successfully logs in and modifies their profile, the username is passed to the server layer as a parameter but is not verified wh… |
| CVE-2024-38475 | CRITICAL | 9.1 | 2024-07-01 | Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the s… |
| CVE-2024-23590 | CRITICAL | 9.1 | 2024-11-04 | Session Fixation vulnerability in Apache Kylin. This issue affects Apache Kylin: from 2.0.0 through 4.x. Users are recommended to upgrade to version 5.0.0 or above, which fixes … |
| CVE-2024-45479 | CRITICAL | 9.1 | 2025-01-21 | SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue. |
| CVE-2025-27528 | CRITICAL | 9.1 | 2025-05-28 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability allows attackers to bypass the… |
| CVE-2025-23048 | CRITICAL | 9.1 | 2025-07-10 | In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control bypass by trusted clients is possible using TLS 1.3 session resumption. Configura… |
| CVE-2026-29145 | CRITICAL | 9.1 | 2026-04-09 | CLIENT_CERT authentication does not fail as expected in some scenarios when soft fail is disabled; vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache… |
| CVE-2026-31908 | CRITICAL | 9.1 | 2026-04-14 | Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects A… |
| CVE-2026-40682 | CRITICAL | 9.1 | 2026-05-04 | XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The Dicti… |
| CVE-2026-41258 | CRITICAL | 9.1 | 2026-05-15 | OpenMRS is an open source electronic medical record system platform. From 2.7.0 to before 2.7.9 and 2.8.6, the ConceptReferenceRangeUtility.evaluateCriteria() method in OpenMRS Co… |
| CVE-2026-31986 | CRITICAL | 9.1 | 2026-05-19 | Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which … |
| CVE-2026-41919 | CRITICAL | 9.1 | 2026-05-19 | Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are r… |
| CVE-2021-40438 | CRITICAL | 9.0 | 2021-09-16 | A crafted request uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. |
| CVE-2021-45046 | CRITICAL | 9.0 | 2021-12-14 | It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allow attackers with control over Thre… |
| CVE-2022-36760 | CRITICAL | 9.0 | 2023-01-17 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP serv… |
| CVE-2024-52577 | CRITICAL | 9.0 | 2025-02-14 | In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an at… |
| CVE-2003-0789 | HIGH | 10.0 | 2003-11-03 | mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong… |
| CVE-2007-4548 | HIGH | 10.0 | 2007-08-27 | The login method in LoginModule implementations in Apache Geronimo 2.0 does not throw FailedLoginException for failed logins, which allows remote attackers to bypass authenticatio… |
| CVE-2008-4008 | HIGH | 10.0 | 2008-10-14 | Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote a… |
| CVE-2009-1012 | HIGH | 10.0 | 2009-04-15 | Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, … |
| CVE-2010-0425 | HIGH | 10.0 | 2010-03-05 | modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure… |
| CVE-2012-0838 | HIGH | 10.0 | 2012-03-02 | Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, an… |
| CVE-2012-2379 | HIGH | 10.0 | 2013-01-03 | Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure … |
| CVE-2013-4316 | HIGH | 10.0 | 2013-09-30 | Apache Struts 2.0.0 through 2.3.15.1 enables Dynamic Method Invocation by default, which has unknown impact and attack vectors. |
| CVE-2013-6288 | HIGH | 10.0 | 2013-10-28 | Unspecified vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 has unknown impact and remote attack vectors, related to "Insecure Unserialize." |
| CVE-2008-5518 | HIGH | 9.4 | 2009-04-17 | Multiple directory traversal vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 on Windows allow remote attackers to upload … |
| CVE-2006-6869 | HIGH | 9.3 | 2006-12-31 | Directory traversal vulnerability in includes/search/search_mdforum.php in MAXdev MDForum 2.0.1 and earlier, when magic_quotes_gpc is disabled and register_globals is enabled, all… |
| CVE-2012-3513 | HIGH | 9.3 | 2012-11-21 | munin-cgi-graph in Munin before 2.0.6, when running as a CGI module under Apache, allows remote attackers to load new configurations and create files in arbitrary directories via … |
| CVE-2013-1965 | HIGH | 9.3 | 2013-07-10 | Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is n… |
| CVE-2013-1966 | HIGH | 9.3 | 2013-07-10 | Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in… |
| CVE-2013-2134 | HIGH | 9.3 | 2013-07-16 | Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matchi… |
| CVE-2013-2135 | HIGH | 9.3 | 2013-07-16 | Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which cause… |
| CVE-2023-27524 | HIGH | 8.9 | 2023-04-24 | Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation i… |
| CVE-2016-0710 | HIGH | 8.8 | 2016-04-11 | Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2)… |
| CVE-2016-0785 | HIGH | 8.8 | 2016-04-12 | Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. |
| CVE-2016-4369 | HIGH | 8.8 | 2016-06-08 | HPE Discovery and Dependency Mapping Inventory (DDMi) 9.30, 9.31, 9.32, 9.32 update 1, 9.32 update 2, and 9.32 update 3 allows remote authenticated users to execute arbitrary comm… |
| CVE-2016-4430 | HIGH | 8.8 | 2016-07-04 | Apache Struts 2 2.3.20 through 2.3.28.1 mishandles token validation, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. |
| CVE-2016-6801 | HIGH | 8.8 | 2016-09-21 | Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3… |
| CVE-2016-5393 | HIGH | 8.8 | 2016-11-29 | In Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3, a remote user who can authenticate with the HDFS NameNode can possibly run arbitrary commands with the same privileges … |
| CVE-2016-6811 | HIGH | 8.8 | 2017-04-11 | In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. |
| CVE-2017-7661 | HIGH | 8.8 | 2017-05-16 | Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross-Site Request Forgery) style vulnerability has been foun… |
| CVE-2016-4461 | HIGH | 8.8 | 2017-10-16 | Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerabi… |
| CVE-2016-3090 | HIGH | 8.8 | 2017-10-30 | The TextParseUtil.translateVariables method in Apache Struts 2.x before 2.3.20 allows remote attackers to execute arbitrary code via a crafted OGNL expression with ANTLR tooling. |
| CVE-2017-12631 | HIGH | 8.8 | 2017-11-30 | Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross-Site Request Forgery) style vulnerability has been foun… |
| CVE-2013-0267 | HIGH | 8.8 | 2018-02-21 | The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup,… |
| CVE-2018-8028 | HIGH | 8.8 | 2018-08-23 | An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the par… |
| CVE-2018-8009 | HIGH | 8.8 | 2018-11-13 | Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that acc… |
| CVE-2018-11766 | HIGH | 8.8 | 2018-11-27 | In Apache Hadoop 2.7.4 to 2.7.6, the security fix for CVE-2016-6811 is incomplete. A user who can escalate to yarn user can possibly run arbitrary commands as root user. |
| CVE-2018-8029 | HIGH | 8.8 | 2019-05-30 | In Apache Hadoop versions 3.0.0-alpha1 to 3.1.0, 2.9.0 to 2.9.1, and 2.2.0 to 2.8.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. |
| CVE-2018-17196 | HIGH | 8.8 | 2019-07-11 | In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated cl… |
| CVE-2019-13980 | HIGH | 8.8 | 2019-07-19 | In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx. |
| CVE-2016-1487 | HIGH | 8.8 | 2020-03-09 | Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization. |
| CVE-2020-11112 | HIGH | 8.8 | 2020-03-31 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvid… |
| CVE-2020-1956 | HIGH | 8.8 | 2020-05-22 | Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1, has some RESTful APIs which concatenate an OS command with a user-supplied string; a user is likely to be able to execute a… |
| CVE-2020-17532 | HIGH | 8.8 | 2021-01-25 | When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions b… |
| CVE-2020-9492 | HIGH | 8.8 | 2021-01-26 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. |
| CVE-2020-13936 | HIGH | 8.8 | 2021-03-10 | An attacker that is able to modify Velocity templates may execute arbitrary Java code or run arbitrary system commands with the same privileges as the account running the Servlet … |
| CVE-2021-30245 | HIGH | 8.8 | 2021-04-15 | The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also … |
| CVE-2021-36162 | HIGH | 8.8 | 2021-09-07 | Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zooke… |
| CVE-2022-23302 | HIGH | 8.8 | 2022-01-18 | JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration refer… |
| CVE-2022-24288 | HIGH | 8.8 | 2022-02-25 | In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI. |
| CVE-2022-24947 | HIGH | 8.8 | 2022-02-25 | Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later. |
| CVE-2021-33036 | HIGH | 8.8 | 2022-06-15 | In Apache Hadoop 2.2.0 to 2.10.1, 3.0.0-alpha1 to 3.1.4, 3.2.0 to 3.2.2, and 3.3.0 to 3.3.1, a user who can escalate to yarn user can possibly run arbitrary commands as root user.… |
| CVE-2022-36364 | HIGH | 8.8 | 2022-07-28 | Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if th… |
| CVE-2022-34158 | HIGH | 8.8 | 2022-08-04 | A carefully crafted invocation on the Image plugin could trigger a CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attac… |
| CVE-2021-25642 | HIGH | 8.8 | 2022-08-25 | ZKConfigurationStore which is optionally used by CapacityScheduler of Apache Hadoop YARN deserializes data obtained from ZooKeeper without validation. An attacker having access to… |
| CVE-2022-37435 | HIGH | 8.8 | 2022-09-01 | Apache ShenYu Admin has insecure permissions, which may allow low-privilege administrators to modify high-privilege administrator's passwords. This issue affects Apache ShenYu 2.4… |
| CVE-2022-40127 | HIGH | 8.8 | 2022-11-14 | A vulnerability in the example DAGs of Apache Airflow allows an attacker with UI access who can trigger DAGs to execute arbitrary commands via a manually provided run_id parameter. Thi… |
| CVE-2022-46157 | HIGH | 8.8 | 2022-12-09 | Akeneo PIM is an open source Product Information Management (PIM). Akeneo PIM Community Edition versions before v5.0.119 and v6.0.53 allows remote authenticated users to execute a… |
| CVE-2022-34271 | HIGH | 8.8 | 2022-12-14 | A vulnerability in import module of Apache Atlas allows an authenticated user to write to web server filesystem. This issue affects Apache Atlas versions from 0.8.4 to 2.2.0. |
| CVE-2022-43719 | HIGH | 8.8 | 2023-01-16 | Two legacy REST API endpoints for approval and request access are vulnerable to cross site request forgery. This issue affects Apache Superset version 1.5.2 and prior versions and… |
| CVE-2023-25194 | HIGH | 8.8 | 2023-02-07 | A possible security vulnerability has been identified in Apache Kafka Connect API. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on i… |
| CVE-2022-42735 | HIGH | 8.8 | 2023-02-15 | Improper Privilege Management vulnerability in Apache Software Foundation Apache ShenYu. ShenYu Admin allows low-privilege administrators to create users with higher priv… |
| CVE-2023-0100 | HIGH | 8.8 | 2023-03-15 | In Eclipse BIRT, starting from version 2.6.2, the default configuration allowed to retrieve a report from the same host using an absolute HTTP path for the report parameter (e.g. … |
| CVE-2022-46302 | HIGH | 8.8 | 2023-04-20 | Broad access controls could allow site users to directly interact with the system Apache installation when providing the reverse proxy configurations for Tribe29's Checkmk <= 2.1.… |
| CVE-2023-39508 | HIGH | 8.8 | 2023-08-05 | Execution with Unnecessary Privileges and Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Airflow. The "Run Task" featu… |
| CVE-2023-1713 | HIGH | 8.8 | 2023-11-01 | Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to ex… |
| CVE-2023-50379 | HIGH | 8.8 | 2024-02-27 | Malicious code injection in Apache Ambari prior to 2.7.8. Users are recommended to upgrade to version 2.7.8, which fixes this issue. Impact: A Cluster Operator can manipulate … |
| CVE-2024-39877 | HIGH | 8.8 | 2024-07-17 | Apache Airflow from 2.4.0 before 2.9.3 has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code i… |
| CVE-2024-23321 | HIGH | 8.8 | 2024-07-22 | For RocketMQ versions 5.2.0 and below, under certain conditions, there is a risk of exposure of sensitive information to an unauthorized actor even if RocketMQ is enabled with aut… |
| CVE-2024-45034 | HIGH | 8.8 | 2024-09-07 | Apache Airflow versions before 2.10.1 have a vulnerability that allows DAG authors to add local settings to the DAG folder and get it executed by the scheduler, where the schedule… |
| CVE-2024-45498 | HIGH | 8.8 | 2024-09-07 | Example DAG: example_inlet_event_extra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to … |
| CVE-2023-50780 | HIGH | 8.8 | 2024-10-14 | Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29… |
| CVE-2024-53678 | HIGH | 8.8 | 2025-03-25 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache VCL. Users can modify form data submitted when requesting a new Block … |
| CVE-2025-48734 | HIGH | 8.8 | 2025-05-28 | Improper Access Control vulnerability in Apache Commons BeanUtils. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared… |
| CVE-2025-27818 | HIGH | 8.8 | 2025-06-10 | A possible security vulnerability has been identified in Apache Kafka. This requires alterConfig access on the cluster resource, or access to a Kafka Connect worker, and the ability to c… |
| CVE-2025-53689 | HIGH | 8.8 | 2025-07-14 | Blind XXE Vulnerabilities in jackrabbit-spi-commons and jackrabbit-core in Apache Jackrabbit < 2.23.2 due to usage of an unsecured document build to load privileges. Users are re… |
| CVE-2025-66524 | HIGH | 8.8 | 2025-12-19 | Apache NiFi 1.20.0 through 2.6.0 include the GetAsanaObject Processor, which requires integration with a configurable Distribute Map Cache Client Service for storing and retrievin… |
| CVE-2025-54920 | HIGH | 8.8 | 2026-03-16 | This issue affects Apache Spark: before 3.5.7 and 4.0.1. Users are recommended to upgrade to version 3.5.7 or 4.0.1 and above, which fixes the issue. Summary Apache Spark 3.… |
| CVE-2026-35337 | HIGH | 8.8 | 2026-04-13 | Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6. Description: When processing topology credentials submitted via the Nimbus Thr… |
| CVE-2026-24072 | HIGH | 8.8 | 2026-05-04 | An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are … |
| CVE-2026-23918 | HIGH | 8.8 | 2026-05-04 | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to ver… |
| CVE-2026-39816 | HIGH | 8.8 | 2026-05-08 | The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The T… |
| CVE-2026-46586 | HIGH | 8.8 | 2026-05-19 | Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') vulnerability in Apache OFBiz. T… |
| CVE-2017-6062 | HIGH | 8.6 | 2017-03-02 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeade… |
| CVE-2017-6413 | HIGH | 8.6 | 2017-03-02 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM_ and OIDCAuthNHeade… |
| CVE-2022-23470 | HIGH | 8.6 | 2022-12-06 | Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any fi… |
| CVE-2023-32315 | HIGH | 8.6 | 2023-05-26 | Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web-based application, was found to be vulnerable to a path traversa… |
| CVE-2024-23673 | HIGH | 8.5 | 2024-02-06 | Malicious code execution via path traversal in Apache Software Foundation Apache Sling Servlets Resolver. This issue affects all versions of Apache Sling Servlets Resolver before 2.… |
| CVE-2024-27135 | HIGH | 8.5 | 2024-03-12 | Improper input validation in the Pulsar Function Worker allows a malicious authenticated user to execute arbitrary Java code on the Pulsar Function worker, outside of the sandboxe… |
| CVE-2024-27894 | HIGH | 8.5 | 2024-03-12 | The Pulsar Functions Worker includes a capability that permits authenticated users to create functions where the function's implementation is referenced by a URL. The supported UR… |
| CVE-2006-1078 | HIGH | 8.4 | 2006-03-09 | Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command … |
| CVE-2022-45048 | HIGH | 8.4 | 2023-05-05 | Authenticated users with appropriate privileges can create policies having expressions that can exploit code execution vulnerability. This issue affects Apache Ranger: 2.3.0. User… |
| CVE-2024-27317 | HIGH | 8.4 | 2024-03-12 | In Pulsar Functions Worker, authenticated users can upload functions in jar or nar files. These files, essentially zip files, are extracted by the Functions Worker. However, if a … |
| CVE-2025-58098 | HIGH | 8.3 | 2025-12-05 | Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives. … |
| CVE-2026-44966 | HIGH | 8.3 | 2026-05-26 | Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This iss… |
| CVE-2020-11988 | HIGH | 8.2 | 2021-02-24 | Apache XmlGraphics Commons 2.4 and earlier is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argumen… |
| CVE-2021-44224 | HIGH | 8.2 | 2021-12-20 | A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy d… |
| CVE-2023-30428 | HIGH | 8.2 | 2023-07-12 | Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message t… |
| CVE-2023-37579 | HIGH | 8.2 | 2023-07-12 | Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: before 2.10.4, and 2.11.0. Any authenticated… |
| CVE-2022-46751 | HIGH | 8.2 | 2023-08-21 | Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy. This issue affects any vers… |
| CVE-2022-34321 | HIGH | 8.2 | 2024-03-12 | Improper Authentication vulnerability in Apache Pulsar Proxy allows an attacker to connect to the /proxy-stats endpoint without authentication. The vulnerable endpoint exposes det… |
| CVE-2025-66675 | HIGH | 8.2 | 2025-12-10 | Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.4, fr… |
| CVE-2025-40932 | HIGH | 8.2 | 2026-02-27 | Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::Session… |
| CVE-2013-2115 | HIGH | 8.1 | 2013-07-10 | Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in… |
| CVE-2015-5348 | HIGH | 8.1 | 2016-04-15 | Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote atta… |
| CVE-2016-3081 | HIGH | 8.1 | 2016-04-26 | Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method:… |
| CVE-2015-7611 | HIGH | 8.1 | 2016-06-07 | Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors. |
| CVE-2016-5387 | HIGH | 8.1 | 2016-07-19 | The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY envi… |
| CVE-2017-9805 | HIGH | 8.1 | 2017-09-15 | The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type … |
| CVE-2017-15715 | HIGH | 8.1 | 2018-03-26 | In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the … |
| CVE-2018-8025 | HIGH | 8.1 | 2018-06-27 | CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP. There is a race-condition which could lead to authenticate… |
| CVE-2018-8042 | HIGH | 8.1 | 2018-07-18 | In Apache Ambari versions 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled f… |
| CVE-2018-11776 | HIGH | 8.1 | 2018-08-22 | Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Conventio… |
| CVE-2018-11777 | HIGH | 8.1 | 2018-11-08 | In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against a malicious user if ranger, sentry or sql standard authorizer is … |
| CVE-2020-14060 | HIGH | 8.1 | 2020-06-14 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (ak… |
| CVE-2020-17533 | HIGH | 8.1 | 2020-12-29 | Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user… |
| CVE-2022-29240 | HIGH | 8.1 | 2022-09-15 | Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user… |
| CVE-2022-41672 | HIGH | 8.1 | 2022-10-07 | In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API. |
| CVE-2022-33684 | HIGH | 8.1 | 2022-11-04 | The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disable… |
| CVE-2022-45381 | HIGH | 8.1 | 2022-11-15 | Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library tha… |
| CVE-2021-40331 | HIGH | 8.1 | 2023-05-05 | An Incorrect Permission Assignment for Critical Resource vulnerability was found in the Apache Ranger Hive Plugin. Any user with SELECT privilege on a database can alter the owner… |
| CVE-2023-37379 | HIGH | 8.1 | 2023-08-23 | Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerabil… |
| CVE-2024-28746 | HIGH | 8.1 | 2024-03-14 | Apache Airflow, versions 2.8.0 through 2.8.2, has a vulnerability that allows an authenticated user with limited permissions to access resources such as variables, connections, et… |
| CVE-2024-32030 | HIGH | 8.1 | 2024-06-19 | Kafka UI is an Open-Source Web UI for Apache Kafka Management. Kafka UI API allows users to connect to different Kafka brokers by specifying their network address and port. As a s… |
| CVE-2024-38473 | HIGH | 8.1 | 2024-07-01 | Encoding problem in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentica… |
| CVE-2024-45033 | HIGH | 8.1 | 2025-01-08 | Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. This issue affects Apache Airflow Fab Provider: before 1.5.2. When user password has been changed w… |
| CVE-2025-26521 | HIGH | 8.1 | 2025-06-10 | When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used t… |
| CVE-2025-68493 | HIGH | 8.1 | 2026-01-11 | Missing XML Validation vulnerability in Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users a… |
| CVE-2026-40563 | HIGH | 8.1 | 2026-05-04 | Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query st… |
| CVE-2026-35194 | HIGH | 8.1 | 2026-05-15 | Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary … |
| CVE-2026-45760 | HIGH | 8.1 | 2026-05-21 | (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubern… |
| CVE-2026-45361 | HIGH | 8.1 | 2026-05-25 | Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to i… |
| CVE-2022-45064 | HIGH | 8.0 | 2023-04-13 | The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level… |
| CVE-2022-42009 | HIGH | 8.0 | 2023-07-12 | SpringEL injection in the server agent in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to u… |
| CVE-2022-45855 | HIGH | 8.0 | 2023-07-12 | SpringEL injection in the metrics source in Apache Ambari version 2.7.0 to 2.7.6 allows a malicious authenticated user to execute arbitrary code remotely. Users are recommended to… |
| CVE-2023-40273 | HIGH | 8.0 | 2023-08-23 | The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up unti… |
| CVE-2023-49145 | HIGH | 7.9 | 2023-11-27 | Apache NiFi 0.7.0 through 1.23.2 include the JoltTransformJSON Processor, which provides an advanced configuration user interface that is vulnerable to DOM-based cross-site script… |
| CVE-2002-0653 | HIGH | 7.8 | 2002-07-11 | Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute a… |
| CVE-2004-0747 | HIGH | 7.8 | 2004-10-20 | Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables. |
| CVE-2006-2806 | HIGH | 7.8 | 2006-06-05 | The SMTP server in Apache Java Mail Enterprise Server (aka Apache James) 2.2.0 allows remote attackers to cause a denial of service (CPU consumption) via a long argument to the MA… |
| CVE-2007-6423 | HIGH | 7.8 | 2008-01-12 | Unspecified vulnerability in mod_proxy_balancer for Apache HTTP Server 2.2.x before 2.2.7-dev, when running on Windows, allows remote attackers to trigger memory corruption via a … |
| CVE-2011-3192 | HIGH | 7.8 | 2011-08-29 | The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumpti… |
| CVE-2011-5034 | HIGH | 7.8 | 2011-12-30 | Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to… |
| CVE-2015-5349 | HIGH | 7.8 | 2016-04-11 | The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands … |
| CVE-2016-2175 | HIGH | 7.8 | 2016-06-01 | Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attack… |
| CVE-2017-12612 | HIGH | 7.8 | 2017-09-13 | In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the lau… |
| CVE-2017-3166 | HIGH | 7.8 | 2017-11-13 | In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YA… |
| CVE-2016-8742 | HIGH | 7.8 | 2018-02-12 | The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent direc… |
| CVE-2019-0211 | HIGH | 7.8 | 2019-04-08 | In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by… |
| CVE-2022-41131 | HIGH | 7.8 | 2022-11-22 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to exec… |
| CVE-2024-32656 | HIGH | 7.8 | 2024-04-22 | Ant Media Server is live streaming engine software. A local privilege escalation vulnerability is present in versions 2.6.0 through 2.8.2 and allows any unprivileged operating system … |
| CVE-2024-58273 | HIGH | 7.8 | 2025-10-30 | Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user (or the… |
| CVE-2023-49734 | HIGH | 7.7 | 2023-12-19 | An authenticated Gamma user has the ability to create a dashboard and add charts to it, this user would automatically become one of the owners of the charts allowing him to incorr… |
| CVE-2026-23529 | HIGH | 7.7 | 2026-01-16 | Kafka Connect BigQuery Connector is an implementation of a sink connector from Apache Kafka to Google BigQuery. Prior to 2.11.0, there is an arbitrary file read in Google BigQuery… |
| CVE-2006-3747 | HIGH | 7.6 | 2006-07-28 | Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is… |
| CVE-2023-44313 | HIGH | 7.6 | 2024-01-31 | Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests. This is… |
| CVE-2024-48988 | HIGH | 7.6 | 2025-08-22 | SQL Injection vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to version 2.1.6, which fixes t… |
| CVE-2002-0082 | HIGH | 7.5 | 2002-03-15 | The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which… |
| CVE-2002-0061 | HIGH | 7.5 | 2002-03-21 | Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as argum… |
| CVE-2002-0392 | HIGH | 7.5 | 2002-07-03 | Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request… |
| CVE-2002-0661 | HIGH | 7.5 | 2002-08-12 | Directory traversal vulnerability in Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to read arbitrary files and execute commands via .. (dot dot) s… |
| CVE-2002-0843 | HIGH | 7.5 | 2002-10-11 | Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of servi… |
| CVE-2002-1157 | HIGH | 7.5 | 2002-11-04 | Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute scr… |
| CVE-2002-1850 | HIGH | 7.5 | 2002-12-31 | mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a l… |
| CVE-2003-0016 | HIGH | 7.5 | 2003-02-07 | Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP req… |
| CVE-2003-0249 | HIGH | 7.5 | 2003-12-31 | PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to bypass intended access restrictions if PHP is running on a server that passes on all methods, s… |
| CVE-2003-1171 | HIGH | 7.5 | 2003-12-31 | Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side scri… |
| CVE-2004-0174 | HIGH | 7.5 | 2004-05-04 | Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new … |
| CVE-2004-0700 | HIGH | 7.5 | 2004-07-27 | Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute ar… |
| CVE-2004-0885 | HIGH | 7.5 | 2004-11-03 | The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictio… |
| CVE-2004-0811 | HIGH | 7.5 | 2004-12-31 | Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specif… |
| CVE-2004-1404 | HIGH | 7.5 | 2004-12-31 | Attachment Mod 2.3.10 module for phpBB, when used with Apache mod_mime, does not properly handle files with multiple file extensions, such as .php.rar, which allows remote attacke… |
| CVE-2004-1765 | HIGH | 7.5 | 2004-12-31 | Off-by-one buffer overflow in ModSecurity (mod_security) 1.7.4 for Apache 2.x, when SecFilterScanPost is enabled, allows remote attackers to execute arbitrary code via crafted POS… |
| CVE-2005-1344 | HIGH | 7.5 | 2005-05-02 | Buffer overflow in htdigest in Apache 2.0.52 may allow attackers to execute arbitrary code via a long realm argument. NOTE: since htdigest is normally only locally accessible and… |
| CVE-2005-2963 | HIGH | 7.5 | 2005-10-13 | The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when … |
| CVE-2005-3392 | HIGH | 7.5 | 2005-11-01 | Unspecified vulnerability in PHP before 4.4.1, when using the virtual function on Apache 2, allows remote attackers to bypass safe_mode and open_basedir directives. |
| CVE-2007-0792 | HIGH | 7.5 | 2007-02-06 | The mod_perl initialization script in Bugzilla 2.23.3 does not set the Bugzilla Apache configuration to allow .htaccess permissions to override file permissions, which allows remo… |
| CVE-2007-1842 | HIGH | 7.5 | 2007-04-03 | Directory traversal vulnerability in login.php in JSBoard before 2.0.12 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the table parame… |
| CVE-2007-5797 | HIGH | 7.5 | 2007-11-03 | SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attemp… |
| CVE-2007-6258 | HIGH | 7.5 | 2008-02-19 | Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2)… |
| CVE-2008-2384 | HIGH | 7.5 | 2009-01-22 | SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte cha… |
| CVE-2009-2699 | HIGH | 7.5 | 2009-10-13 | The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.1… |
| CVE-2009-3923 | HIGH | 7.5 | 2009-11-10 | The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified ac… |
| CVE-2010-1632 | HIGH | 7.5 | 2010-06-22 | Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for Web Services 6.1.0.9 through 6.1.0.32, IBM Feature Pack for… |
| CVE-2011-4668 | HIGH | 7.5 | 2011-12-02 | IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to an unspecified CGI program used with the Apache HTTP Server. |
| CVE-2012-3376 | HIGH | 7.5 | 2012-07-12 | DataNodes in Apache Hadoop 2.0.0 alpha do not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName… |
| CVE-2013-1768 | HIGH | 7.5 | 2013-07-11 | The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserializ… |
| CVE-2013-2249 | HIGH | 7.5 | 2013-07-23 | mod_session_dbd.c in the mod_session_dbd module in the Apache HTTP Server before 2.4.5 proceeds with save operations for a session without considering the dirty flag and the requi… |
| CVE-2013-4365 | HIGH | 7.5 | 2013-10-17 | Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to ha… |
| CVE-2012-6637 | HIGH | 7.5 | 2014-03-03 | Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of domain-name regular expressions, which allows remote attackers to bypass a whitelist… |
| CVE-2014-1881 | HIGH | 7.5 | 2014-03-03 | Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted… |
| CVE-2014-1882 | HIGH | 7.5 | 2014-03-03 | Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to bypass intended device-resource restrictions of an event-based bridge via a crafted… |
| CVE-2014-1884 | HIGH | 7.5 | 2014-03-03 | Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do not properly restrict navigation events, which allows remote attackers to bypass … |
| CVE-2014-0002 | HIGH | 7.5 | 2014-03-21 | The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML doc… |
| CVE-2014-0003 | HIGH | 7.5 | 2014-03-21 | The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafte… |
| CVE-2014-0107 | HIGH | 7.5 | 2014-04-15 | The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote att… |
| CVE-2014-0112 | HIGH | 7.5 | 2014-04-29 | ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and ex… |
| CVE-2014-0113 | HIGH | 7.5 | 2014-04-29 | CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attacker… |
| CVE-2015-0225 | HIGH | 7.5 | 2015-04-03 | The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfa… |
| CVE-2015-1831 | HIGH | 7.5 | 2015-07-16 | The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "compromise internal state of an application" via unspecified vectors. |
| CVE-2015-0859 | HIGH | 7.5 | 2015-12-03 | The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes argum… |
| CVE-2016-0956 | HIGH | 7.5 | 2016-02-10 | The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspeci… |
| CVE-2016-2171 | HIGH | 7.5 | 2016-04-11 | The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) dele… |
| CVE-2016-4431 | HIGH | 7.5 | 2016-07-04 | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks by leveraging a default method. |
| CVE-2016-4433 | HIGH | 7.5 | 2016-07-04 | Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to bypass intended access restrictions and conduct redirection attacks via a crafted request. |
| CVE-2016-4979 | HIGH | 7.5 | 2016-07-06 | The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not properly recognize the "SSLVerifyClient require" directive for HTTP/2 request author… |
| CVE-2016-8740 | HIGH | 7.5 | 2016-12-05 | The mod_http2 module in the Apache HTTP Server 2.4.17 through 2.4.23, when the Protocols configuration includes h2 or h2c, does not restrict request-header length, which allows re… |
| CVE-2017-6059 | HIGH | 7.5 | 2017-04-12 | Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a mali… |
| CVE-2016-3083 | HIGH | 7.5 | 2017-05-30 | Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connect… |
| CVE-2017-7669 | HIGH | 7.5 | 2017-06-05 | In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enab… |
| CVE-2017-7668 | HIGH | 7.5 | 2017-06-20 | The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input st… |
| CVE-2017-7686 | HIGH | 7.5 | 2017-06-28 | Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance im… |
| CVE-2017-5652 | HIGH | 7.5 | 2017-07-10 | During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to … |
| CVE-2017-9787 | HIGH | 7.5 | 2017-07-13 | When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33. |
| CVE-2017-9789 | HIGH | 7.5 | 2017-07-13 | When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially errati… |
| CVE-2017-7659 | HIGH | 7.5 | 2017-07-26 | A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process. |
| CVE-2016-0736 | HIGH | 7.5 | 2017-07-27 | In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (… |
| CVE-2016-2161 | HIGH | 7.5 | 2017-07-27 | In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid … |
| CVE-2016-8743 | HIGH | 7.5 | 2017-07-27 | Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers. Accepting these differ… |
| CVE-2011-4343 | HIGH | 7.5 | 2017-08-08 | Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters. |
| CVE-2015-5209 | HIGH | 7.5 | 2017-08-29 | Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object. |
| CVE-2017-9798 | HIGH | 7.5 | 2017-09-18 | Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigur… |
| CVE-2017-9793 | HIGH | 7.5 | 2017-09-20 | The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 uses an outdated XStream library that is vulnerable and allows a DoS attack using m… |
| CVE-2017-9804 | HIGH | 7.5 | 2017-09-20 | In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and built-in URLValidator is used, it is possible to prepare … |
| CVE-2015-0226 | HIGH | 7.5 | 2017-10-30 | Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier fo… |
| CVE-2012-0881 | HIGH | 7.5 | 2017-10-30 | Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table … |
| CVE-2014-0072 | HIGH | 7.5 | 2017-10-30 | ios/CDVFileTransfer.m in the Apache Cordova File-Transfer standalone plugin (org.apache.cordova.file-transfer) before 0.4.2 for iOS and the File-Transfer plugin for iOS from Cordo… |
| CVE-2012-3353 | HIGH | 7.5 | 2018-01-09 | The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including loc… |
| CVE-2017-12626 | HIGH | 7.5 | 2018-01-29 | Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 6129… |
| CVE-2018-1316 | HIGH | 7.5 | 2018-03-05 | The ODE process deployment web service was sensitive to deployment messages with forged names. Using a path for the name allowed directory traversal, resulting in the potentia… |
| CVE-2017-15710 | HIGH | 7.5 | 2018-03-26 | In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup … |
| CVE-2018-1303 | HIGH | 7.5 | 2018-03-26 | A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared m… |
| CVE-2018-1327 | HIGH | 7.5 | 2018-03-27 | The Apache Struts REST Plugin uses an XStream library that is vulnerable and allows a DoS attack via a malicious request with a specially crafted XML payload. Upgrad… |
| CVE-2018-1333 | HIGH | 7.5 | 2018-06-18 | By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service. Fixed in Apache HTTP Serv… |
| CVE-2018-8011 | HIGH | 7.5 | 2018-07-18 | By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. F… |
| CVE-2018-17199 | HIGH | 7.5 | 2019-01-30 | In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expiry time to be ignored for mod_s… |
| CVE-2019-0190 | HIGH | 7.5 | 2019-01-30 | A bug exists in the way mod_ssl handled client renegotiations. A remote attacker could send a carefully crafted request that would cause mod_ssl to enter a loop leading to a denia… |
| CVE-2018-1296 | HIGH | 7.5 | 2019-02-07 | In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level sea… |
| CVE-2019-0212 | HIGH | 7.5 | 2019-03-28 | In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1.0-2.1.3), authorization was incorrectly applied to users of the HBase REST server. Requests sent to the HBas… |
| CVE-2019-0225 | HIGH | 7.5 | 2019-03-28 | A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an attacker to obtai… |
| CVE-2019-0215 | HIGH | 7.5 | 2019-04-08 | In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl when using per-location client certificate verification with TLSv1.3 allowed a client to bypass configured a… |
| CVE-2019-0217 | HIGH | 7.5 | 2019-04-08 | In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in mod_auth_digest when running in a threaded server could allow a user with valid credentials to authenticate… |
| CVE-2019-0194 | HIGH | 7.5 | 2019-04-30 | Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x (2.19 and earlier) versions may be also af… |
| CVE-2019-0227 | HIGH | 7.5 | 2019-05-01 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits continue in the proje… |
| CVE-2019-0188 | HIGH | 7.5 | 2019-05-28 | Apache Camel prior to 2.24.0 contains an XML external entity injection (XXE) vulnerability (CWE-611) due to using an outdated vulnerable JSON-lib library. This affects only the ca… |
| CVE-2019-0231 | HIGH | 7.5 | 2019-10-01 | Handling of the close_notify SSL/TLS message does not lead to a connection closure, leading the server to retain the socket opened and to have the client potentially receive clear… |
| CVE-2018-11768 | HIGH | 7.5 | 2019-10-04 | In Apache Hadoop 3.1.0 to 3.1.1, 3.0.0-alpha1 to 3.0.3, 2.9.0 to 2.9.1, and 2.0.0-alpha to 2.8.4, the user/group information can be corrupted across storing in fsimage and reading… |
| CVE-2019-10084 | HIGH | 7.5 | 2019-11-05 | In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to the IDs of active Impala queries or sessions can interact with those sessions or queries via a specially-cons… |
| CVE-2019-12399 | HIGH | 7.5 | 2020-01-14 | When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on tha… |
| CVE-2020-1929 | HIGH | 7.5 | 2020-01-15 | The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate ver… |
| CVE-2020-11971 | HIGH | 7.5 | 2020-05-14 | Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0. |
| CVE-2020-11993 | HIGH | 7.5 | 2020-08-07 | Apache HTTP Server versions 2.4.20 to 2.4.43. When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong con… |
| CVE-2020-9490 | HIGH | 7.5 | 2020-08-07 | Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to… |
| CVE-2019-0233 | HIGH | 7.5 | 2020-09-14 | An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload. |
| CVE-2018-11765 | HIGH | 7.5 | 2020-09-30 | In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled … |
| CVE-2021-26117 | HIGH | 7.5 | 2021-01-27 | The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache … |
| CVE-2021-26118 | HIGH | 7.5 | 2021-01-27 | While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access c… |
| CVE-2020-17516 | HIGH | 7.5 | 2021-02-03 | Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, when using 'dc' or 'rack' internode_encryption setting, allows both encrypted an… |
| CVE-2021-26296 | HIGH | 7.5 | 2021-02-19 | In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and expli… |
| CVE-2020-13924 | HIGH | 7.5 | 2021-03-17 | In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files. |
| CVE-2021-22696 | HIGH | 7.5 | 2021-04-02 | CXF supports (via JwtRequestCodeFilter) passing OAuth 2 parameters via a JWT token as opposed to query parameters (see: The OAuth 2.0 Authorization Framework: JWT Secured Authoriz… |
| CVE-2020-13950 | HIGH | 7.5 | 2021-06-10 | Apache HTTP Server versions 2.4.41 to 2.4.46. mod_proxy_http can be made to crash (NULL pointer dereference) with specially crafted requests using both Content-Length and Transfer-… |
| CVE-2021-26690 | HIGH | 7.5 | 2021-06-10 | Apache HTTP Server versions 2.4.0 to 2.4.46. A specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible Denial O… |
| CVE-2021-31618 | HIGH | 7.5 | 2021-06-15 | Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 proto… |
| CVE-2021-33900 | HIGH | 7.5 | 2021-07-26 | While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While i… |
| CVE-2021-33193 | HIGH | 7.5 | 2021-08-16 | A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP S… |
| CVE-2021-34798 | HIGH | 7.5 | 2021-09-16 | Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier. |
| CVE-2021-36160 | HIGH | 7.5 | 2021-09-16 | A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 … |
| CVE-2021-40690 | HIGH | 7.5 | 2021-09-19 | All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when cre… |
| CVE-2021-43557 | HIGH | 7.5 | 2021-11-22 | The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The $request_uri is the full original request URI without normalization. This makes it … |
| CVE-2021-4104 | HIGH | 7.5 | 2021-12-14 | JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingNam… |
| CVE-2021-45457 | HIGH | 7.5 | 2022-01-06 | In Apache Kylin, Cross-origin requests with credentials are allowed to be sent from any origin. This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 … |
| CVE-2021-45458 | HIGH | 7.5 | 2022-01-06 | Apache Kylin provides encryption classes PasswordPlaceholderConfigurer to help users encrypt their passwords. In the encryption algorithm used by this encryption class, the cipher… |
| CVE-2022-23223 | HIGH | 7.5 | 2022-01-25 | On Apache ShenYu versions 2.4.0 and 2.4.1, an endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later. |
| CVE-2022-23945 | HIGH | 7.5 | 2022-01-25 | Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1. |
| CVE-2022-23913 | HIGH | 7.5 | 2022-02-04 | In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. |
| CVE-2022-22719 | HIGH | 7.5 | 2022-03-14 | A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier. |
| CVE-2022-25598 | HIGH | 7.5 | 2022-03-30 | Apache DolphinScheduler user registration is vulnerable to Regular expression Denial of Service (ReDoS) attacks. Apache DolphinScheduler users should upgrade to version 2.0.5 or high… |
| CVE-2022-26650 | HIGH | 7.5 | 2022-05-17 | In Apache ShenYu, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllab… |
| CVE-2022-26377 | HIGH | 7.5 | 2022-06-09 | Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP serv… |
| CVE-2022-29404 | HIGH | 7.5 | 2022-06-09 | In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input siz… |
| CVE-2022-30522 | HIGH | 7.5 | 2022-06-09 | If Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory a… |
| CVE-2022-30556 | HIGH | 7.5 | 2022-06-09 | Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. |
| CVE-2022-34169 | HIGH | 7.5 | 2022-07-19 | The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated … |
| CVE-2022-22728 | HIGH | 7.5 | 2022-08-25 | A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a proces… |
| CVE-2022-34917 | HIGH | 7.5 | 2022-09-20 | A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amo… |
| CVE-2022-40604 | HIGH | 7.5 | 2022-09-21 | In Apache Airflow 2.3.0 through 2.3.4, part of a url was unnecessarily formatted, allowing for possible information extraction. |
| CVE-2022-40705 | HIGH | 7.5 | 2022-09-22 | An Improper Restriction of XML External Entity Reference vulnerability in RPCRouterServlet of Apache SOAP allows an attacker to read arbitrary files over HTTP. This issue affects … |
| CVE-2022-37866 | HIGH | 7.5 | 2022-11-07 | When Apache Ivy downloads artifacts from a repository it stores them in the local file system based on a user-supplied "pattern" that may include placeholders for artifacts coordi… |
| CVE-2022-27949 | HIGH | 7.5 | 2022-11-14 | A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depen… |
| CVE-2023-22602 | HIGH | 7.5 | 2023-01-14 | When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when S… |
| CVE-2006-20001 | HIGH | 7.5 | 2023-01-17 | A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool (heap) memory location beyond the header value sent. This could cause the… |
| CVE-2023-27522 | HIGH | 7.5 | 2023-03-07 | HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the orig… |
| CVE-2023-26464 | HIGH | 7.5 | 2023-03-10 | ** UNSUPPORTED WHEN ASSIGNED ** When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involv… |
| CVE-2023-27900 | HIGH | 7.5 | 2023-03-10 | Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 f… |
| CVE-2023-27901 | HIGH | 7.5 | 2023-03-10 | Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 f… |
| CVE-2023-28625 | HIGH | 7.5 | 2023-04-03 | mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 thr… |
| CVE-2023-28707 | HIGH | 7.5 | 2023-04-07 | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. This issue affects Apache Airflow Drill Provider: before 2.3.2. |
| CVE-2022-41398 | HIGH | 7.5 | 2023-04-28 | The optional Global Search feature for Sage 300 through version 2022 uses a set of hard-coded credentials for the accompanying Apache Solr instance. This issue could allow attacke… |
| CVE-2023-39553 | HIGH | 7.5 | 2023-08-11 | Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an a… |
| CVE-2023-41081 | HIGH | 7.5 | 2023-09-13 | Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardD… |
| CVE-2023-42457 | HIGH | 7.5 | 2023-09-21 | plone.rest allows users to use HTTP verbs such as GET, POST, PUT, DELETE, etc. in Plone. Starting in the 2.x branch and prior to versions 2.0.1 and 3.0.1, when the `++api++` trave… |
| CVE-2023-31122 | HIGH | 7.5 | 2023-10-23 | Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57. |
| CVE-2023-43622 | HIGH | 7.5 | 2023-10-23 | An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to … |
| CVE-2023-46215 | HIGH | 7.5 | 2023-10-28 | Insertion of Sensitive Information into Log File vulnerability in Apache Airflow Celery provider, Apache Airflow. Sensitive information logged as clear text when rediss, amqp, rp… |
| CVE-2023-26031 | HIGH | 7.5 | 2023-11-16 | Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting wo… |
| CVE-2023-49735 | HIGH | 7.5 | 2023-11-30 | ** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to … |
| CVE-2023-37544 | HIGH | 7.5 | 2023-12-20 | Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache P… |
| CVE-2023-50943 | HIGH | 7.5 | 2024-01-24 | Apache Airflow, versions before 2.8.1, have a vulnerability that allows a potential attacker to poison the XCom data by bypassing the protection of "enable_xcom_pickling=False" co… |
| CVE-2023-29055 | HIGH | 7.5 | 2024-01-29 | In Apache Kylin version 2.0.0 to 4.0.3, there is a Server Config web interface that displays the content of file 'kylin.properties', that may contain serverside credentials. When … |
| CVE-2024-23452 | HIGH | 7.5 | 2024-02-08 | Request smuggling vulnerability in HTTP server in Apache bRPC 0.9.5~1.7.0 on all platforms allows attacker to smuggle request. Vulnerability Cause Description: The http_parser d… |
| CVE-2024-24814 | HIGH | 7.5 | 2024-02-13 | mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In … |
| CVE-2024-27139 | HIGH | 7.5 | 2024-03-01 | ** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Archiva: a vulnerability in Apache Archiva allows an unauthenticated attacker to modify account da… |
| CVE-2024-24749 | HIGH | 7.5 | 2024-07-01 | GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.5 and 2.24.3, if GeoServer is deployed in the Windows operating syst… |
| CVE-2024-38472 | HIGH | 7.5 | 2024-07-01 | SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content. Users are recommended to upgrade to … |
| CVE-2024-38477 | HIGH | 7.5 | 2024-07-01 | null pointer dereference in mod_proxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to … |
| CVE-2024-39573 | HIGH | 7.5 | 2024-07-01 | Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy. User… |
| CVE-2024-40898 | HIGH | 7.5 | 2024-07-18 | SSRF in Apache HTTP Server on Windows with mod_rewrite in server/vhost context, allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests. User… |
| CVE-2024-28168 | HIGH | 7.5 | 2024-10-09 | Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Apache XML Graphics FOP. This issue affects Apache XML Graphics FOP: 2.9. Users are recommended to… |
| CVE-2024-45784 | HIGH | 7.5 | 2024-11-15 | Apache Airflow versions before 2.10.3 contain a vulnerability that could expose sensitive configuration variables in task logs. This vulnerability allows DAG authors to unintentio… |
| CVE-2025-1075 | HIGH | 7.5 | 2025-02-19 | Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p27, <2.2.0p40, and 2.1.0p51 (EOL) causes LDAP credentials to be written to Apache error … |
| CVE-2025-27553 | HIGH | 7.5 | 2025-03-23 | Relative Path Traversal vulnerability in Apache Commons VFS before 2.10.0. The FileObject API in Commons VFS has a 'resolveFile' method that takes a 'scope' parameter. Specifying… |
| CVE-2025-26413 | HIGH | 7.5 | 2025-04-22 | Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if the `offset` input is a positive integer and use it as an index of a string. So it… |
| CVE-2025-26795 | HIGH | 7.5 | 2025-05-14 | Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in Apache IoTDB JDBC driver. This issue affects iotdb-j… |
| CVE-2025-26864 | HIGH | 7.5 | 2025-05-14 | Exposure of Sensitive Information to an Unauthorized Actor, Insertion of Sensitive Information into Log File vulnerability in the OpenIdAuthorizer of Apache IoTDB. This issue aff… |
| CVE-2025-47947 | HIGH | 7.5 | 2025-05-21 | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of servi… |
| CVE-2025-48866 | HIGH | 7.5 | 2025-06-02 | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability s… |
| CVE-2025-48976 | HIGH | 7.5 | 2025-06-16 | Allocation of resources for multipart headers with insufficient limits enabled a DoS vulnerability in Apache Commons FileUpload. This issue affects Apache Commons FileUpload: fro… |
| CVE-2024-42516 | HIGH | 7.5 | 2025-07-10 | HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server c… |
| CVE-2024-43204 | HIGH | 7.5 | 2025-07-10 | SSRF in Apache HTTP Server with mod_proxy loaded allows an attacker to send outbound proxy requests to a URL controlled by the attacker. Requires an unlikely configuration where … |
| CVE-2024-43394 | HIGH | 7.5 | 2025-07-10 | Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass u… |
| CVE-2024-47252 | HIGH | 7.5 | 2025-07-10 | Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in so… |
| CVE-2025-53020 | HIGH | 7.5 | 2025-07-10 | Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to up… |
| CVE-2025-24853 | HIGH | 7.5 | 2025-07-31 | A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some s… |
| CVE-2025-54472 | HIGH | 7.5 | 2025-08-14 | Unlimited memory allocation in redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service via network. Root Cause: In t… |
| CVE-2025-48392 | HIGH | 7.5 | 2025-09-24 | A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, whi… |
| CVE-2025-61919 | HIGH | 7.5 | 2025-10-10 | Rack is a modular Ruby web server interface. Prior to versions 2.2.20, 3.1.18, and 3.2.3, `Rack::Request#POST` reads the entire request body into memory for `Content-Type: applica… |
| CVE-2025-59789 | HIGH | 7.5 | 2025-12-01 | Uncontrolled recursion in the json2pb component in Apache bRPC (version < 1.15.0) on all platforms allows remote attackers to make the server crash via sending deep recursive json… |
| CVE-2025-64775 | HIGH | 7.5 | 2025-12-01 | Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts: from 2.0.0 through 6.7.0, fr… |
| CVE-2025-55753 | HIGH | 7.5 | 2025-12-05 | An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempt… |
| CVE-2025-59775 | HIGH | 7.5 | 2025-12-05 | Server-Side Request Forgery (SSRF) vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to… |
| CVE-2025-54981 | HIGH | 7.5 | 2025-12-12 | Weak Encryption Algorithm in StreamPark. The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, including JWT tokens, may have risk… |
| CVE-2025-68675 | HIGH | 7.5 | 2026-01-16 | In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These f… |
| CVE-2026-24735 | HIGH | 7.5 | 2026-02-04 | Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 1.7.1. An unauthenticated API endpoin… |
| CVE-2026-24734 | HIGH | 7.5 | 2026-02-17 | Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native (and Tomcat's FFM port of the Tomcat Native code) did … |
| CVE-2026-34478 | HIGH | 7.5 | 2026-04-10 | Apache Log4j Core's Rfc5424Layout (https://logging.apache.org/log4j/2.x/manual/layouts.html#RFC5424Layout), in versions 2.21.0 through 2.25.3, is vulnerable to log injection via C… |
| CVE-2026-34479 | HIGH | 7.5 | 2026-04-10 | The Log4j1XmlLayout from the Apache Log4j 1-to-Log4j 2 bridge fails to escape characters forbidden by the XML 1.0 standard, producing malformed XML output. Conforming XML parsers … |
| CVE-2026-34480 | HIGH | 7.5 | 2026-04-10 | Apache Log4j Core's XmlLayout (https://logging.apache.org/log4j/2.x/manual/layouts.html#XmlLayout), in versions up to and including 2.25.3, fails to sanitize characters forbidden … |
| CVE-2026-34481 | HIGH | 7.5 | 2026-04-10 | Apache Log4j's JsonTemplateLayout (https://logging.apache.org/log4j/2.x/manual/json-template-layout.html), in versions up to and including 2.25.3, produces invalid JSON output whe… |
| CVE-2026-34059 | HIGH | 7.5 | 2026-05-04 | Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the … |
| CVE-2026-29169 | HIGH | 7.5 | 2026-05-04 | A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request. mod_dav_lock is not used int… |
| CVE-2026-42440 | HIGH | 7.5 | 2026-05-04 | OOM Denial of Service via Unbounded Array Allocation in Apache OpenNLP AbstractModelReader Versions Affected: before 2.5.9 before 3.0.0-M3 Description: The AbstractModelR… |
| CVE-2026-40075 | HIGH | 7.5 | 2026-05-05 | OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}`… |
| CVE-2026-31909 | HIGH | 7.5 | 2026-05-19 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to v… |
| CVE-2026-31910 | HIGH | 7.5 | 2026-05-19 | Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which f… |
| CVE-2018-11767 | HIGH | 7.4 | 2019-03-21 | In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanis… |
| CVE-2021-44549 | HIGH | 7.4 | 2021-12-14 | Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks add… |
| CVE-2023-51437 | HIGH | 7.4 | 2024-02-07 | Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. U… |
| CVE-2024-27309 | HIGH | 7.4 | 2024-04-12 | While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the … |
| CVE-2025-49812 | HIGH | 7.4 | 2025-07-10 | In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via… |
| CVE-2025-66623 | HIGH | 7.4 | 2025-12-05 | Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi… |
| CVE-2017-5661 | HIGH | 7.3 | 2017-04-18 | In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that … |
| CVE-2017-3162 | HIGH | 7.3 | 2017-04-26 | HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.… |
| CVE-2020-35452 | HIGH | 7.3 | 2021-06-10 | Apache HTTP Server versions 2.4.0 to 2.4.46. A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, … |
| CVE-2024-29131 | HIGH | 7.3 | 2024-03-21 | Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to ver… |
| CVE-2023-38709 | HIGH | 7.3 | 2024-04-04 | Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2… |
| CVE-2025-30001 | HIGH | 7.3 | 2025-10-10 | Incorrect Execution-Assigned Permissions vulnerability in Apache StreamPark. This issue affects Apache StreamPark: from 2.1.4 before 2.1.6. Users are recommended to upgrade to v… |
| CVE-2025-59118 | HIGH | 7.3 | 2025-11-12 | Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to version 24.0… |
| CVE-2026-29168 | HIGH | 7.3 | 2026-05-05 | Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's mod_md via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 thro… |
| CVE-2026-29226 | HIGH | 7.3 | 2026-05-19 | Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upg… |
| CVE-2004-2343 | HIGH | 7.2 | 2004-12-31 | Apache HTTP Server 2.0.47 and earlier allows local users to bypass .htaccess file restrictions, as specified in httpd.conf with directives such as Deny From All, by using an Error… |
| CVE-2006-1079 | HIGH | 7.2 | 2006-03-09 | htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, … |
| CVE-2016-0709 | HIGH | 7.2 | 2016-04-11 | Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to a… |
| CVE-2017-12636 | HIGH | 7.2 | 2017-11-14 | CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level binaries that are subsequent… |
| CVE-2018-1321 | HIGH | 7.2 | 2018-03-20 | An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affect… |
| CVE-2018-8007 | HIGH | 7.2 | 2018-07-11 | Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API… |
| CVE-2018-11772 | HIGH | 7.2 | 2019-07-29 | Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is the… |
| CVE-2018-11774 | HIGH | 7.2 | 2019-07-29 | Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing VMs to and from hosts. The form data is then used in SQL statements. This allows f… |
| CVE-2019-10097 | HIGH | 7.2 | 2019-09-26 | In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY" protocol, a specially crafted PROXY header could… |
| CVE-2019-19699 | HIGH | 7.2 | 2020-04-06 | There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software through 19.10 via Pollers misconfiguration, leading to system compromise via apache cro… |
| CVE-2020-11977 | HIGH | 7.2 | 2020-09-15 | In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicio… |
| CVE-2023-29246 | HIGH | 7.2 | 2023-05-12 | An attacker who has gained access to an admin account can perform RCE via null-byte injection. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenMeetings from … |
| CVE-2023-51441 | HIGH | 7.2 | 2024-01-06 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF This issue affects A… |
| CVE-2008-3666 | HIGH | 7.1 | 2008-08-13 | Unspecified vulnerability in Sun Solaris 10 and OpenSolaris before snv_96 allows (1) context-dependent attackers to cause a denial of service (panic) via vectors involving creatio… |
| CVE-2009-1890 | HIGH | 7.1 | 2009-07-05 | The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an … |
| CVE-2009-1891 | HIGH | 7.1 | 2009-07-10 | The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attac… |
| CVE-2013-4002 | HIGH | 7.1 | 2013-07-23 | XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1… |
| CVE-2024-46910 | HIGH | 7.1 | 2025-02-13 | An authenticated user can perform XSS and potentially impersonate another user. This issue affects Apache Atlas versions 2.3.0 and earlier. Users are recommended to upgrade to v… |
| CVE-2026-25999 | HIGH | 7.1 | 2026-02-11 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to 2.10.2, there is an improper access control vulnerability that allows unauthorized users to t… |
| CVE-2026-48827 | HIGH | 7.1 | 2026-06-01 | Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated… |
| CVE-2026-25087 | HIGH | 7.0 | 2026-02-17 | Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file (but not an I… |
| CVE-2012-0883 | MEDIUM | 6.9 | 2012-04-18 | envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Troj… |
| CVE-2002-0840 | MEDIUM | 6.8 | 2002-10-11 | Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS… |
| CVE-2006-4154 | MEDIUM | 6.8 | 2006-10-16 | Format string vulnerability in the mod_tcl module 1.0 for Apache 2.x allows context-dependent attackers to execute arbitrary code via format string specifiers that are not properl… |
| CVE-2006-6390 | MEDIUM | 6.8 | 2006-12-08 | Multiple directory traversal vulnerabilities in Open Solution Quick.Cart 2.0, when register_globals is enabled and magic_quotes_gpc is disabled, allow remote attackers to include … |
| CVE-2006-6675 | MEDIUM | 6.8 | 2006-12-21 | Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote attackers to inject arbitrary web script or H… |
| CVE-2007-4556 | MEDIUM | 6.8 | 2007-08-28 | Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Langua… |
| CVE-2009-1275 | MEDIUM | 6.8 | 2009-04-09 | Apache Tiles 2.1 before 2.1.2, as used in Apache Struts and other products, evaluates Expression Language (EL) expressions twice in certain circumstances, which allows remote atta… |
| CVE-2009-0039 | MEDIUM | 6.8 | 2009-04-17 | Multiple cross-site request forgery (CSRF) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to hija… |
| CVE-2012-0392 | MEDIUM | 6.8 | 2012-01-08 | The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafte… |
| CVE-2012-0394 | MEDIUM | 6.8 | 2012-01-08 | The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NO… |
| CVE-2012-4386 | MEDIUM | 6.8 | 2012-09-05 | The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-si… |
| CVE-2013-1088 | MEDIUM | 6.8 | 2013-04-24 | Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging imp… |
| CVE-2013-4330 | MEDIUM | 6.8 | 2013-10-04 | Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}"… |
| CVE-2014-0226 | MEDIUM | 6.8 | 2014-07-20 | Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obta… |
| CVE-2014-7809 | MEDIUM | 6.8 | 2014-12-10 | Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism. |
| CVE-2015-3330 | MEDIUM | 6.8 | 2015-06-09 | The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the Apache HTTP Server 2.4.x is used, allows… |
| CVE-2016-3129 | MEDIUM | 6.6 | 2016-12-16 | A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22… |
| CVE-2021-44832 | MEDIUM | 6.6 | 2021-12-28 | Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses… |
| CVE-2023-37941 | MEDIUM | 6.6 | 2023-09-06 | If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Super… |
| CVE-2026-25903 | MEDIUM | 6.6 | 2026-02-17 | Apache NiFi 1.1.0 through 2.7.2 are missing authorization when updating configuration properties on extension components that have specific Required Permissions based on the Restr… |
| CVE-2015-3270 | MEDIUM | 6.5 | 2015-11-02 | Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing password… |
| CVE-2014-0229 | MEDIUM | 6.5 | 2017-03-23 | Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool,… |
| CVE-2017-9792 | MEDIUM | 6.5 | 2017-10-04 | In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to … |
| CVE-2014-3250 | MEDIUM | 6.5 | 2017-12-11 | The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information… |
| CVE-2017-15713 | MEDIUM | 6.5 | 2018-01-19 | Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user ru… |
| CVE-2017-15691 | MEDIUM | 6.5 | 2018-04-26 | In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vu… |
| CVE-2018-8036 | MEDIUM | 6.5 | 2018-07-03 | In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFB… |
| CVE-2019-0213 | MEDIUM | 6.5 | 2019-04-30 | In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered as minor risk… |
| CVE-2019-0214 | MEDIUM | 6.5 | 2019-04-30 | In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. Existing files can be overwritt… |
| CVE-2019-10093 | MEDIUM | 6.5 | 2019-08-02 | In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file could consume all available SAXParsers in the pool and lead to very long hangs. Apache Tika users should upg… |
| CVE-2021-26559 | MEDIUM | 6.5 | 2021-02-17 | Improper Access Control on Configurations Endpoint for the Stable API of Apache Airflow allows users with Viewer or User role to get Airflow Configurations including sensitive inf… |
| CVE-2021-30129 | MEDIUM | 6.5 | 2021-07-12 | A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features o… |
| CVE-2021-40439 | MEDIUM | 6.5 | 2021-10-07 | Apache OpenOffice has a dependency on expat software. Versions prior to 2.1.0 were subject to CVE-2013-0340 a "Billion Laughs" entity expansion denial of service attack and exploi… |
| CVE-2021-41973 | MEDIUM | 6.5 | 2021-11-01 | In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the begin… |
| CVE-2021-36774 | MEDIUM | 6.5 | 2022-01-06 | Apache Kylin allows users to read data from other database systems using JDBC. The MySQL JDBC driver supports certain properties, which, if left unmitigated, can allow an attacker… |
| CVE-2021-45230 | MEDIUM | 6.5 | 2022-01-20 | In Apache Airflow prior to 2.2.0. This CVE applies to a specific case where a User who has "can_create" permissions on DAG Runs can create Dag Runs for dags that they don't have "… |
| CVE-2022-23437 | MEDIUM | 6.5 | 2022-01-24 | There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes the XercesJ XML parser to wait in an… |
| CVE-2021-41571 | MEDIUM | 6.5 | 2022-02-01 | In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires th… |
| CVE-2022-29405 | MEDIUM | 6.5 | 2022-05-25 | In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8 |
| CVE-2022-28731 | MEDIUM | 6.5 | 2022-08-04 | A carefully crafted request on UserPreferences.jsp could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow the attacker to modify the email associat… |
| CVE-2022-24280 | MEDIUM | 6.5 | 2022-09-23 | Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address… |
| CVE-2022-26884 | MEDIUM | 6.5 | 2022-10-28 | Users can read any files by log server, Apache DolphinScheduler users should upgrade to version 2.0.6 or higher. |
| CVE-2023-25621 | MEDIUM | 6.5 | 2023-02-23 | Privilege Escalation vulnerability in Apache Software Foundation Apache Sling. Any content author is able to create i18n dictionaries in the repository in a location the author ha… |
| CVE-2023-1663 | MEDIUM | 6.5 | 2023-03-29 | Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an ins… |
| CVE-2023-35005 | MEDIUM | 6.5 | 2023-06-19 | In Apache Airflow, some potentially sensitive values were being shown to the user in certain situations. This vulnerability is mitigated by the fact configuration is not shown in… |
| CVE-2022-46651 | MEDIUM | 6.5 | 2023-07-12 | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulne… |
| CVE-2023-22887 | MEDIUM | 6.5 | 2023-07-12 | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manip… |
| CVE-2023-22888 | MEDIUM | 6.5 | 2023-07-12 | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to cause a service disruption by manipulating the run_id parameter. This vulnerabilit… |
| CVE-2023-35908 | MEDIUM | 6.5 | 2023-07-12 | Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL. It is recommended to upgrade to a version that… |
| CVE-2023-36543 | MEDIUM | 6.5 | 2023-07-12 | Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang. It is recommended to upgrade to a ve… |
| CVE-2023-40186 | MEDIUM | 6.5 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an IntegerOverflow leading to Out-Of-Bou… |
| CVE-2023-40567 | MEDIUM | 6.5 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_dec… |
| CVE-2023-40569 | MEDIUM | 6.5 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressi… |
| CVE-2023-40712 | MEDIUM | 6.5 | 2023-09-12 | Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could le… |
| CVE-2023-42663 | MEDIUM | 6.5 | 2023-10-14 | Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in ot… |
| CVE-2023-42780 | MEDIUM | 6.5 | 2023-10-14 | Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permis… |
| CVE-2023-42792 | MEDIUM | 6.5 | 2023-10-14 | Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could giv… |
| CVE-2023-25753 | MEDIUM | 6.5 | 2023-10-19 | There exists an SSRF (Server-Side Request Forgery) vulnerability located at the /sandbox/proxyGateway endpoint. This vulnerability allows us to manipulate arbitrary requests and … |
| CVE-2023-44483 | MEDIUM | 6.5 | 2023-10-20 | All versions of Apache Santuario - XML Security for Java prior to 2.2.6, 2.3.4, and 3.0.3, when using the JSR 105 API, are vulnerable to an issue where a private key may be disclo… |
| CVE-2023-42781 | MEDIUM | 6.5 | 2023-11-12 | Apache Airflow, versions before 2.7.3, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in ot… |
| CVE-2023-46104 | MEDIUM | 6.5 | 2023-12-19 | Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists i… |
| CVE-2023-49736 | MEDIUM | 6.5 | 2023-12-19 | A where_in JINJA macro allows users to specify a quote, which combined with a carefully crafted statement would allow for SQL injection in Apache Superset. This issue affects Apach… |
| CVE-2023-49920 | MEDIUM | 6.5 | 2023-12-21 | Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible fo… |
| CVE-2023-50783 | MEDIUM | 6.5 | 2023-12-21 | Apache Airflow, versions before 2.8.0, is affected by a vulnerability that allows an authenticated user without the variable edit permission, to update a variable. This flaw compr… |
| CVE-2023-46749 | MEDIUM | 6.5 | 2024-01-15 | Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting Mitiga… |
| CVE-2023-50944 | MEDIUM | 6.5 | 2024-01-24 | Apache Airflow, versions before 2.8.1, have a vulnerability that allows an authenticated user to access the source code of a DAG to which they don't have access. This vulnerabilit… |
| CVE-2024-23952 | MEDIUM | 6.5 | 2024-02-14 | This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacke… |
| CVE-2023-50380 | MEDIUM | 6.5 | 2024-02-27 | XML External Entity injection in apache ambari versions <= 2.7.7, Users are recommended to upgrade to version 2.7.8, which fixes this issue. More Details: Oozie Workflow Schedul… |
| CVE-2024-24683 | MEDIUM | 6.5 | 2024-03-19 | Improper Input Validation vulnerability in Apache Hop Engine. This issue affects Apache Hop Engine: before 2.8.0. Users are recommended to upgrade to version 2.8.0, which fixes th… |
| CVE-2024-31141 | MEDIUM | 6.5 | 2024-11-19 | Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for custo… |
| CVE-2024-53949 | MEDIUM | 6.5 | 2024-12-09 | Improper Authorization vulnerability in Apache Superset when FAB_ADD_SECURITY_API is enabled (disabled by default). Allows for lower privilege users to use this API. issue affec… |
| CVE-2025-25069 | MEDIUM | 6.5 | 2025-02-07 | A Cross-Protocol Scripting vulnerability is found in Apache Kvrocks. Since Kvrocks didn't detect if "Host:" or "POST" appears in RESP requests, a valid HTTP request can also be s… |
| CVE-2025-27017 | MEDIUM | 6.5 | 2025-03-12 | Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during process… |
| CVE-2024-48944 | MEDIUM | 6.5 | 2025-03-27 | Server-Side Request Forgery (SSRF) vulnerability in Apache Kylin. Through a kylin server, an attacker may forge a request to invoke "/kylin/api/xxx/diag" api on another internal h… |
| CVE-2025-27391 | MEDIUM | 6.5 | 2025-04-09 | Insertion of Sensitive Information into Log File vulnerability in Apache ActiveMQ Artemis. All the values of the broker properties are logged when the org.apache.activemq.artemis.… |
| CVE-2025-46392 | MEDIUM | 6.5 | 2025-05-09 | Uncontrolled Resource Consumption vulnerability in Apache Commons Configuration 1.x. There are a number of issues in Apache Commons Configuration 1.x that allow excessive resourc… |
| CVE-2025-27522 | MEDIUM | 6.5 | 2025-05-28 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability is a secondary mining bypass for… |
| CVE-2025-27526 | MEDIUM | 6.5 | 2025-05-28 | Deserialization of Untrusted Data vulnerability in Apache InLong. This issue affects Apache InLong: from 1.13.0 through 2.1.0. This vulnerability which can lead to JDBC Vulnerabi… |
| CVE-2025-32896 | MEDIUM | 6.5 | 2025-06-19 | Summary: Unauthorized users can perform Arbitrary File Read and Deserialization attack by submit job using restful api-v1. Details: Unauthorized users can access `/hazelcast/r… |
| CVE-2025-52891 | MEDIUM | 6.5 | 2025-07-02 | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.8 to before 2.9.11, an empty XML tag can cause a seg… |
| CVE-2025-54656 | MEDIUM | 6.5 | 2025-07-30 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Output Neutralization for Logs vulnerability in Apache Struts. This issue affects Apache Struts Extras: before 2. When using LookupDispa… |
| CVE-2025-58782 | MEDIUM | 6.5 | 2025-09-08 | Deserialization of Untrusted Data vulnerability in Apache Jackrabbit Core and Apache Jackrabbit JCR Commons. This issue affects Apache Jackrabbit Core: from 1.0.0 through 2.22.1;… |
| CVE-2025-54831 | MEDIUM | 6.5 | 2025-09-26 | Apache Airflow 3 introduced a change to the handling of sensitive information in Connections. The intent was to restrict access to sensitive connection fields to Connection Editin… |
| CVE-2025-61623 | MEDIUM | 6.5 | 2025-11-12 | Reflected cross-site scripting vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.03. Users are recommended to upgrade to version 24.09.03, which fixes… |
| CVE-2025-65082 | MEDIUM | 6.5 | 2025-12-05 | Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly super… |
| CVE-2026-41081 | MEDIUM | 6.5 | 2026-04-27 | Improper Handling of TLS Client Authentication Failure Leading to Anonymous Principal Assignment in Apache Storm Versions Affected: up to 2.8.7 Description: When TLS transport i… |
| CVE-2026-33523 | MEDIUM | 6.5 | 2026-05-04 | HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.… |
| CVE-2026-29207 | MEDIUM | 6.5 | 2026-05-19 | Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to u… |
| CVE-2026-29220 | MEDIUM | 6.5 | 2026-05-19 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recomme… |
| CVE-2026-31378 | MEDIUM | 6.5 | 2026-05-19 | Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the … |
| CVE-2026-31380 | MEDIUM | 6.5 | 2026-05-19 | Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OF… |
| CVE-2026-35086 | MEDIUM | 6.5 | 2026-05-19 | Improper Control of Generation of Code ('Code Injection') vulnerability in email services of Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommende… |
| CVE-2026-45187 | MEDIUM | 6.5 | 2026-05-19 | Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixe… |
| CVE-2026-43827 | MEDIUM | 6.5 | 2026-05-25 | Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgr… |
| CVE-2026-43828 | MEDIUM | 6.5 | 2026-05-25 | Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1.… |
| CVE-2025-48977 | MEDIUM | 6.5 | 2026-05-28 | Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a c… |
| CVE-2003-0192 | MEDIUM | 6.4 | 2003-08-18 | Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive … |
| CVE-2004-0493 | MEDIUM | 6.4 | 2004-08-06 | The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error lea… |
| CVE-2012-0393 | MEDIUM | 6.4 | 2012-01-08 | The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary f… |
| CVE-2012-5575 | MEDIUM | 6.4 | 2013-08-19 | Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy Alg… |
| CVE-2015-1833 | MEDIUM | 6.4 | 2015-05-29 | XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.… |
| CVE-2024-28098 | MEDIUM | 6.4 | 2024-03-12 | The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These manage… |
| CVE-2024-29834 | MEDIUM | 6.4 | 2024-04-02 | This vulnerability allows authenticated users with produce or consume permissions to perform unauthorized operations on partitioned topics, such as unloading topics and triggering… |
| CVE-2023-6308 | MEDIUM | 6.3 | 2023-11-27 | A vulnerability, which was classified as critical, has been found in Xiamen Four-Faith Video Surveillance Management System 2016/2017. Affected by this issue is some unknown funct… |
| CVE-2023-40610 | MEDIUM | 6.3 | 2023-11-27 | Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to b… |
| CVE-2024-24795 | MEDIUM | 6.3 | 2024-04-04 | HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchr… |
| CVE-2025-54090 | MEDIUM | 6.3 | 2025-07-23 | A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. |
| CVE-2007-1741 | MEDIUM | 6.2 | 2007-04-13 | Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arb… |
| CVE-2015-1776 | MEDIUM | 6.2 | 2016-04-19 | Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data en… |
| CVE-2017-15707 | MEDIUM | 6.2 | 2017-12-01 | In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allows performing a DoS attack using a malicious request with specially cra… |
| CVE-2021-39227 | MEDIUM | 6.2 | 2021-09-17 | ZRender is a lightweight graphic library providing 2d draw for Apache ECharts. In versions prior to 5.2.1, using `merge` and `clone` helper methods in the `src/core/util.ts` modul… |
| CVE-2024-39884 | MEDIUM | 6.2 | 2024-07-04 | A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under som… |
| CVE-2007-4465 | MEDIUM | 6.1 | 2007-09-14 | Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attac… |
| CVE-2016-0711 | MEDIUM | 6.1 | 2016-04-11 | Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the title parameter when addi… |
| CVE-2016-0712 | MEDIUM | 6.1 | 2016-04-11 | Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal. |
| CVE-2016-2162 | MEDIUM | 6.1 | 2016-04-12 | Apache Struts 2.x before 2.3.25 does not sanitize text in the Locale object constructed by I18NInterceptor, which might allow remote attackers to conduct cross-site scripting (XSS… |
| CVE-2016-4003 | MEDIUM | 6.1 | 2016-04-12 | Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows r… |
| CVE-2017-3161 | MEDIUM | 6.1 | 2017-04-26 | The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter. |
| CVE-2017-7678 | MEDIUM | 6.1 | 2017-07-12 | In Apache Spark before 2.2.0, it is possible for an attacker to take advantage of a user's trust in the server to trick them into visiting a link that points to a shared Spark clu… |
| CVE-2017-9802 | MEDIUM | 6.1 | 2017-08-14 | The Javascript method Sling.evalString() in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by pa… |
| CVE-2015-5169 | MEDIUM | 6.1 | 2017-09-25 | Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20. |
| CVE-2009-1198 | MEDIUM | 6.1 | 2017-10-30 | Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp. |
| CVE-2017-11296 | MEDIUM | 6.1 | 2017-12-09 | An issue was discovered in Adobe Experience Manager 6.3, 6.2, 6.1, 6.0. A cross-site scripting vulnerability in Apache Sling Servlets Post 2.3.20 has been resolved in Adobe Experi… |
| CVE-2017-15717 | MEDIUM | 6.1 | 2018-01-10 | A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special craf… |
| CVE-2016-4975 | MEDIUM | 6.1 | 2018-08-14 | Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR o… |
| CVE-2018-20242 | MEDIUM | 6.1 | 2019-02-11 | A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking. |
| CVE-2019-0224 | MEDIUM | 6.1 | 2019-03-28 | In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, … |
| CVE-2018-8035 | MEDIUM | 6.1 | 2019-05-01 | This vulnerability relates to the user's browser processing of DUCC webpage input data. The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does … |
| CVE-2019-10076 | MEDIUM | 6.1 | 2019-05-20 | A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. |
| CVE-2019-10077 | MEDIUM | 6.1 | 2019-05-20 | A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. |
| CVE-2019-10078 | MEDIUM | 6.1 | 2019-05-20 | A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indica… |
| CVE-2019-12397 | MEDIUM | 6.1 | 2019-08-08 | Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix. |
| CVE-2019-10087 | MEDIUM | 6.1 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, … |
| CVE-2019-10089 | MEDIUM | 6.1 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which c… |
| CVE-2019-12404 | MEDIUM | 6.1 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which coul… |
| CVE-2019-10090 | MEDIUM | 6.1 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which cou… |
| CVE-2019-12407 | MEDIUM | 6.1 | 2019-09-23 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on s… |
| CVE-2019-10098 | MEDIUM | 6.1 | 2019-09-25 | In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to … |
| CVE-2019-10092 | MEDIUM | 6.1 | 2019-09-26 | In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting issue was reported affecting the mod_proxy error page. An attacker could cause the link on the error page to be … |
| CVE-2015-2992 | MEDIUM | 6.1 | 2020-02-27 | Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. |
| CVE-2020-1927 | MEDIUM | 6.1 | 2020-04-02 | In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to … |
| CVE-2020-13932 | MEDIUM | 6.1 | 2020-07-20 | In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is … |
| CVE-2020-13928 | MEDIUM | 6.1 | 2020-09-16 | Apache Atlas before 2.1.0 contains an XSS vulnerability. While saving a search or rendering elements, values are not sanitized correctly, and because of that it triggers the XSS vulnera… |
| CVE-2020-1936 | MEDIUM | 6.1 | 2021-03-02 | A cross-site scripting issue was found in Apache Ambari Views. This was addressed in Apache Ambari 2.7.4. |
| CVE-2021-28359 | MEDIUM | 6.1 | 2021-05-02 | The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions <1.10.15 in 1.x series and affects… |
| CVE-2021-25640 | MEDIUM | 6.1 | 2021-06-01 | In Apache Dubbo prior to 2.6.9 and 2.7.9, the usage of parseURL method will lead to the bypass of white host check which can cause open redirect or SSRF vulnerability. |
| CVE-2021-33192 | MEDIUM | 6.1 | 2021-07-05 | A vulnerability in the HTML pages of Apache Jena Fuseki allows an attacker to execute arbitrary javascript on certain page views. This issue affects Apache Jena Fuseki from versio… |
| CVE-2021-40369 | MEDIUM | 6.1 | 2021-11-24 | A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascri… |
| CVE-2021-45229 | MEDIUM | 6.1 | 2022-02-25 | It was discovered that the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. This issue affects Apache Airflow versions 2.2.3 and be… |
| CVE-2022-24948 | MEDIUM | 6.1 | 2022-02-25 | A carefully crafted user preferences for submission could trigger an XSS vulnerability on Apache JSPWiki, related to the user preferences screen, which could allow the attacker to… |
| CVE-2022-24969 | MEDIUM | 6.1 | 2022-06-09 | bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or S… |
| CVE-2022-27166 | MEDIUM | 6.1 | 2022-08-04 | A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javasc… |
| CVE-2022-28730 | MEDIUM | 6.1 | 2022-08-04 | A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser a… |
| CVE-2022-28732 | MEDIUM | 6.1 | 2022-08-04 | A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and … |
| CVE-2022-35278 | MEDIUM | 6.1 | 2022-08-23 | In Apache ActiveMQ Artemis prior to 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an ad… |
| CVE-2022-40754 | MEDIUM | 6.1 | 2022-09-21 | In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's `/confirm` endpoint. |
| CVE-2022-43982 | MEDIUM | 6.1 | 2022-11-02 | In Apache Airflow versions prior to 2.4.2, the "Trigger DAG with config" screen was susceptible to XSS attacks via the `origin` query argument. |
| CVE-2022-43985 | MEDIUM | 6.1 | 2022-11-02 | In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's `/confirm` endpoint. |
| CVE-2022-45402 | MEDIUM | 6.1 | 2022-11-15 | In Apache Airflow versions prior to 2.4.3, there was an open redirect in the webserver's `/login` endpoint. |
| CVE-2022-46907 | MEDIUM | 6.1 | 2023-05-25 | A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's b… |
| CVE-2023-38435 | MEDIUM | 6.1 | 2023-07-25 | An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prio… |
| CVE-2023-45757 | MEDIUM | 6.1 | 2023-10-16 | Security vulnerability in Apache bRPC <=1.6.0 on all platforms allows attackers to inject XSS code into the built-in rpcz page. An attacker that can send HTTP requests to a bRPC server … |
| CVE-2023-46750 | MEDIUM | 6.1 | 2023-12-14 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro. Mitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+. |
| CVE-2023-50378 | MEDIUM | 6.1 | 2024-03-01 | Lack of proper input validation and constraint enforcement in Apache Ambari prior to 2.7.8. Impact: as it will be stored XSS, it could be exploited to perform unauthorized action… |
| CVE-2024-27136 | MEDIUM | 6.1 | 2024-06-24 | XSS in Upload page in Apache JSPWiki 2.12.1 and priors allows the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apac… |
| CVE-2024-41937 | MEDIUM | 6.1 | 2024-08-21 | Apache Airflow, versions before 2.10.0, have a vulnerability that allows the developer of a malicious provider to execute a cross-site scripting attack when clicking on a provider… |
| CVE-2025-24854 | MEDIUM | 6.1 | 2025-07-31 | A carefully crafted request using the Image plugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's bro… |
| CVE-2025-54571 | MEDIUM | 6.1 | 2025-08-06 | ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP resp… |
| CVE-2026-31379 | MEDIUM | 6.1 | 2026-05-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Cont… |
| CVE-2026-31906 | MEDIUM | 6.1 | 2026-05-19 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are r… |
| CVE-2009-3890 | MEDIUM | 6.0 | 2009-11-17 | Unrestricted file upload vulnerability in the wp_check_filetype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the mod_mime modul… |
| CVE-2016-1546 | MEDIUM | 5.9 | 2016-07-06 | The Apache HTTP Server 2.4.17 and 2.4.18, when mod_http2 is enabled, does not limit the number of simultaneous stream workers for a single HTTP/2 connection, which allows remote a… |
| CVE-2017-7672 | MEDIUM | 5.9 | 2017-07-13 | If an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload the server process when… |
| CVE-2016-8738 | MEDIUM | 5.9 | 2017-09-20 | In Apache Struts 2.5 through 2.5.5, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which wi… |
| CVE-2018-1301 | MEDIUM | 5.9 | 2018-03-26 | A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out-of-bounds access after a size limit is reached by reading the HTTP head… |
| CVE-2018-1302 | MEDIUM | 5.9 | 2018-03-26 | When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to already freed memory. T… |
| CVE-2018-11763 | MEDIUM | 5.9 | 2018-09-25 | In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout co… |
| CVE-2019-11989 | MEDIUM | 5.9 | 2019-07-19 | A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module) could be exploited remotely to cause a denial of service. The versions and platforms of Ag… |
| CVE-2020-13946 | MEDIUM | 5.9 | 2020-09-01 | In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or conf… |
| CVE-2020-1926 | MEDIUM | 5.9 | 2021-03-16 | Apache Hive cookie signature verification used a non-constant-time comparison, which is known to be vulnerable to timing attacks. This could allow recovery of another user's cookie … |
| CVE-2021-32791 | MEDIUM | 5.9 | 2021-07-26 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID… |
| CVE-2021-38153 | MEDIUM | 5.9 | 2021-09-22 | Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more li… |
| CVE-2021-45105 | MEDIUM | 5.9 | 2021-12-18 | Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker wi… |
| CVE-2022-33681 | MEDIUM | 5.9 | 2022-09-23 | Delayed TLS hostname verification in the Pulsar Java Client and the Pulsar Proxy make each client vulnerable to a man in the middle attack. Connections from the Pulsar Java Client… |
| CVE-2022-33682 | MEDIUM | 5.9 | 2022-09-23 | TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Pro… |
| CVE-2022-33683 | MEDIUM | 5.9 | 2022-09-23 | Apache Pulsar Brokers and Proxies create an internal Pulsar Admin Client that does not verify peer TLS certificates, even when tlsAllowInsecureConnection is disabled via configura… |
| CVE-2023-39441 | MEDIUM | 5.9 | 2023-08-23 | Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected by the Validation of OpenSSL Certificate vulnera… |
| CVE-2023-39350 | MEDIUM | 5.9 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS (e.g. a… |
| CVE-2023-39354 | MEDIUM | 5.9 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `nsc_rle_de… |
| CVE-2023-48795 | MEDIUM | 5.9 | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packe… |
| CVE-2024-27906 | MEDIUM | 5.9 | 2024-02-29 | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through t… |
| CVE-2021-47544 | MEDIUM | 5.9 | 2024-05-24 | In the Linux kernel, the following vulnerability has been resolved: tcp: fix page frag corruption on page fault Steffen reported a TCP stream corruption for HTTP requests served… |
| CVE-2024-41909 | MEDIUM | 5.9 | 2024-08-12 | Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client an… |
| CVE-2025-53960 | MEDIUM | 5.9 | 2025-12-12 | When issuing JSON Web Tokens (JWT), Apache StreamPark directly uses the user's password as the HMAC signing key (e.g., with the HS256 algorithm). An attacker can exploit this vuln… |
| CVE-2026-27133 | MEDIUM | 5.9 | 2026-02-20 | Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of mul… |
| CVE-2026-34477 | MEDIUM | 5.9 | 2026-04-10 | The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname verification only when enabled via the log4j2.sslVerify… |
| CVE-2026-49267 | MEDIUM | 5.9 | 2026-06-01 | Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment … |
| CVE-2012-5786 | MEDIUM | 5.8 | 2012-11-04 | The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a … |
| CVE-2012-5633 | MEDIUM | 5.8 | 2013-03-12 | The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows … |
| CVE-2013-0253 | MEDIUM | 5.8 | 2013-04-09 | The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middl… |
| CVE-2013-2248 | MEDIUM | 5.8 | 2013-07-20 | Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL… |
| CVE-2013-1909 | MEDIUM | 5.8 | 2013-08-23 | The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 c… |
| CVE-2013-4310 | MEDIUM | 5.8 | 2013-09-30 | Apache Struts 2.0.0 through 2.3.15.1 allows remote attackers to bypass access controls via a crafted action: prefix. |
| CVE-2014-0116 | MEDIUM | 5.8 | 2014-05-08 | CookieInterceptor in Apache Struts 2.x before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote atta… |
| CVE-2015-5210 | MEDIUM | 5.8 | 2015-11-02 | Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI … |
| CVE-2021-41159 | MEDIUM | 5.8 | 2021-10-21 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/g… |
| CVE-2023-44312 | MEDIUM | 5.8 | 2024-01-31 | Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center. This issue affects Apache ServiceComb Service-Center before 2.1.0 (inclusive). U… |
| CVE-2015-1775 | MEDIUM | 5.5 | 2015-11-02 | Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and acc… |
| CVE-2016-4976 | MEDIUM | 5.5 | 2017-03-29 | Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing. |
| CVE-2016-5001 | MEDIUM | 5.5 | 2017-08-30 | This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode m… |
| CVE-2018-11797 | MEDIUM | 5.5 | 2018-10-05 | In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree. |
| CVE-2019-12400 | MEDIUM | 5.5 | 2019-08-23 | In version 2.0.3 of Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However… |
| CVE-2020-17521 | MEDIUM | 5.5 | 2020-12-07 | Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now supersed… |
| CVE-2020-9479 | MEDIUM | 5.5 | 2021-03-01 | When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds bet… |
| CVE-2021-27807 | MEDIUM | 5.5 | 2021-03-19 | A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions. |
| CVE-2021-27906 | MEDIUM | 5.5 | 2021-03-19 | A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions. |
| CVE-2020-13938 | MEDIUM | 5.5 | 2021-06-10 | Apache HTTP Server versions 2.4.0 to 2.4.46: unprivileged local users can stop httpd on Windows. |
| CVE-2021-31811 | MEDIUM | 5.5 | 2021-06-12 | In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x version… |
| CVE-2021-31812 | MEDIUM | 5.5 | 2021-06-12 | In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions. |
| CVE-2022-25169 | MEDIUM | 5.5 | 2022-05-16 | The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files. |
| CVE-2022-30126 | MEDIUM | 5.5 | 2022-05-16 | In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specia… |
| CVE-2022-40954 | MEDIUM | 5.5 | 2022-11-22 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to rea… |
| CVE-2024-25142 | MEDIUM | 5.5 | 2024-06-14 | Use of Web Browser Cache Containing Sensitive Information vulnerability in Apache Airflow. Airflow did not return "Cache-Control" header for dynamic content, which in case of so… |
| CVE-2005-3357 | MEDIUM | 5.4 | 2005-12-31 | mod_ssl in Apache 2.0 up to 2.0.55, when configured with an SSL vhost with access control and a custom error 400 error page, allows remote attackers to cause a denial of service (… |
| CVE-2018-8024 | MEDIUM | 5.4 | 2018-07-12 | In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and i… |
| CVE-2019-17557 | MEDIUM | 5.4 | 2020-05-04 | It was found that the Apache Syncope EndUser UI login page prior to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this means, a user accessing the Enduser UI could exe… |
| CVE-2021-42597 | MEDIUM | 5.4 | 2022-09-16 | A Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10, Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent … |
| CVE-2022-41703 | MEDIUM | 5.4 | 2023-01-16 | A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fiel… |
| CVE-2022-43717 | MEDIUM | 5.4 | 2023-01-16 | Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with crea… |
| CVE-2022-43718 | MEDIUM | 5.4 | 2023-01-16 | Upload data forms do not correctly render user input leading to possible XSS attack vectors that can be performed by authenticated users with database connection update permission… |
| CVE-2022-43720 | MEDIUM | 5.4 | 2023-01-16 | An authenticated attacker with write CSS template permissions can create a record with specific HTML tags that will not get properly escaped by the toast message displayed when a … |
| CVE-2022-43721 | MEDIUM | 5.4 | 2023-01-16 | An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific d… |
| CVE-2022-45801 | MEDIUM | 5.4 | 2023-05-01 | Apache StreamPark 1.0.0 to 2.0.0 have a LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on us… |
| CVE-2023-29247 | MEDIUM | 5.4 | 2023-05-08 | Task instance details page in the UI is vulnerable to a stored XSS. This issue affects Apache Airflow: before 2.6.0. |
| CVE-2023-36387 | MEDIUM | 5.4 | 2023-09-06 | An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections. |
| CVE-2023-47265 | MEDIUM | 5.4 | 2023-12-21 | Apache Airflow, versions 2.6.0 through 2.7.3 has a stored XSS vulnerability that allows a DAG author to add an unbounded and not-sanitized javascript in the parameter description … |
| CVE-2024-27140 | MEDIUM | 5.4 | 2024-03-01 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Archiva. This issue affects Apache A… |
| CVE-2024-29133 | MEDIUM | 5.4 | 2024-03-21 | Out-of-bounds Write vulnerability in Apache Commons Configuration. This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to ver… |
| CVE-2024-32077 | MEDIUM | 5.4 | 2024-05-14 | Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs. Users are recommended to upgrade to v… |
| CVE-2024-39863 | MEDIUM | 5.4 | 2024-07-17 | Apache Airflow versions before 2.9.3 have a vulnerability that allows an authenticated attacker to inject a malicious link when installing a provider. Users are recommended to upg… |
| CVE-2024-56512 | MEDIUM | 5.4 | 2024-12-28 | Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when c… |
| CVE-2024-48019 | MEDIUM | 5.4 | 2025-02-04 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or Directories Accessible to External Parties vulnerability in Apache Doris. Application ad… |
| CVE-2024-53679 | MEDIUM | 5.4 | 2025-03-25 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache VCL in the User Lookup form. A user with sufficient rights to be able … |
| CVE-2025-59790 | MEDIUM | 5.4 | 2025-11-28 | Improper Privilege Management vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from v2.9.0 through v2.13.0. Users are recommended to upgrade to version 2.14.0… |
| CVE-2025-66200 | MEDIUM | 5.4 | 2025-12-05 | mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scrip… |
| CVE-2026-35565 | MEDIUM | 5.4 | 2026-04-13 | Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Apache Storm UI. Versions affected: before 2.8.6. Description: The Storm UI visualization component interp… |
| CVE-2026-44598 | MEDIUM | 5.4 | 2026-05-25 | With valid login credentials, URL Redirection to Untrusted Site ('Open Redirect'), Server-Side Request Forgery (SSRF) vulnerability in Apache Shiro. This issue affects Apache … |
| CVE-2026-48589 | MEDIUM | 5.4 | 2026-05-25 | Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-c… |
| CVE-2016-3093 | MEDIUM | 5.3 | 2016-06-07 | Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block… |
| CVE-2016-4465 | MEDIUM | 5.3 | 2016-07-04 | The URLValidator class in Apache Struts 2 2.3.20 through 2.3.28.1 and 2.5.x before 2.5.1 allows remote attackers to cause a denial of service via a null value for a URL field. |
| CVE-2009-1197 | MEDIUM | 5.3 | 2017-10-30 | Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp. |
| CVE-2018-1283 | MEDIUM | 5.3 | 2018-03-26 | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their… |
| CVE-2018-8003 | MEDIUM | 5.3 | 2018-05-03 | Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to… |
| CVE-2018-8041 | MEDIUM | 5.3 | 2018-09-17 | Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal. |
| CVE-2018-17189 | MEDIUM | 5.3 | 2019-01-30 | In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server t… |
| CVE-2019-0220 | MEDIUM | 5.3 | 2019-06-11 | A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive slashes ('/'), directives such as LocationM… |
| CVE-2019-0196 | MEDIUM | 5.3 | 2019-06-11 | A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison… |
| CVE-2020-1934 | MEDIUM | 5.3 | 2020-04-01 | In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server. |
| CVE-2020-9495 | MEDIUM | 5.3 | 2020-06-19 | Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. An attacker is able to retrieve user attribute data from the connected LDAP server by providing special v… |
| CVE-2020-11985 | MEDIUM | 5.3 | 2020-08-07 | IP address spoofing when proxying using mod_remoteip and mod_rewrite. For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof the… |
| CVE-2020-25073 | MEDIUM | 5.3 | 2020-09-02 | FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion se… |
| CVE-2020-13937 | MEDIUM | 5.3 | 2020-10-19 | Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3… |
| CVE-2021-26697 | MEDIUM | 5.3 | 2021-02-17 | The lineage endpoint of the deprecated Experimental API was not protected by authentication in Airflow 2.0.0. This allowed unauthenticated users to hit that endpoint. This is low-… |
| CVE-2021-33190 | MEDIUM | 5.3 | 2021-06-08 | In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in order to facilitate users to configure external network access. In the IP allowed… |
| CVE-2019-17567 | MEDIUM | 5.3 | 2021-06-10 | Apache HTTP Server versions 2.4.6 to 2.4.46 mod_proxy_wstunnel configured on a URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regard… |
| CVE-2021-30641 | MEDIUM | 5.3 | 2021-06-10 | Apache HTTP Server versions 2.4.39 to 2.4.46: unexpected matching behavior with 'MergeSlashes OFF'. |
| CVE-2021-32785 | MEDIUM | 5.3 | 2021-07-22 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID… |
| CVE-2021-35936 | MEDIUM | 5.3 | 2021-08-16 | If remote logging is not used, the worker (in the case of CeleryExecutor) or the scheduler (in the case of LocalExecutor) runs a Flask logging server and is listening on a specifi… |
| CVE-2021-41160 | MEDIUM | 5.3 | 2021-10-21 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes… |
| CVE-2022-28330 | MEDIUM | 5.3 | 2022-06-09 | Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module. |
| CVE-2022-28614 | MEDIUM | 5.3 | 2022-06-09 | The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or a… |
| CVE-2022-32549 | MEDIUM | 5.3 | 2022-06-22 | Apache Sling Commons Log <= 5.4.0 and Apache Sling API <= 2.25.0 are vulnerable to log injection. The ability to forge logs may allow an attacker to cover tracks by injecting fake… |
| CVE-2022-45910 | MEDIUM | 5.3 | 2022-12-07 | Improper neutralization of special elements used in an LDAP query ('LDAP Injection') vulnerability in ActiveDirectory and Sharepoint ActiveDirectory authority connectors of Apache… |
| CVE-2022-45438 | MEDIUM | 5.3 | 2023-01-16 | When explicitly enabling the feature flag DASHBOARD_CACHE (disabled by default), the system allowed for an unauthenticated user to access dashboard configuration metadata using a … |
| CVE-2022-37436 | MEDIUM | 5.3 | 2023-01-17 | Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. … |
| CVE-2023-25695 | MEDIUM | 5.3 | 2023-03-15 | Generation of Error Message Containing Sensitive Information vulnerability in Apache Software Foundation Apache Airflow. This issue affects Apache Airflow: before 2.5.2. |
| CVE-2023-28936 | MEDIUM | 5.3 | 2023-05-12 | An attacker can access an arbitrary recording/room. Vendor: The Apache Software Foundation. Versions affected: Apache OpenMeetings from 2.0.0 before 7.1.0. |
| CVE-2023-34040 | MEDIUM | 5.3 | 2023-08-24 | In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An a… |
| CVE-2023-39351 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions of FreeRDP are subject to a Null Pointer Dereference le… |
| CVE-2023-39352 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an invalid offset validation leading to … |
| CVE-2023-39353 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to a missing offset validation leading to O… |
| CVE-2023-39356 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bo… |
| CVE-2023-40181 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-B… |
| CVE-2023-40188 | MEDIUM | 5.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_Lu… |
| CVE-2024-26307 | MEDIUM | 5.3 | 2024-03-21 | Possible race condition vulnerability in Apache Doris. Some of the code uses the `chmod()` method, which runs the risk of someone renaming the file out from under the user and chmodding… |
| CVE-2024-29735 | MEDIUM | 5.3 | 2024-03-26 | Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow inco… |
| CVE-2024-34580 | MEDIUM | 5.3 | 2024-06-26 | Apache XML Security for C++ through 2.0.4 implements the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo elemen… |
| CVE-2024-40725 | MEDIUM | 5.3 | 2024-07-18 | A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar confi… |
| CVE-2024-8510 | MEDIUM | 5.3 | 2025-03-17 | N-central is vulnerable to a path traversal that allows unintended access to the Apache Tomcat WEB-INF directory. Customer data is not exposed. This vulnerability is present in … |
| CVE-2025-46647 | MEDIUM | 5.3 | 2025-07-02 | A vulnerability of plugin openid-connect in Apache APISIX. This vulnerability will only have an impact if all of the following conditions are met: 1. Use the openid-connect plugi… |
| CVE-2025-48924 | MEDIUM | 5.3 | 2025-07-11 | Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects Apache Commons Lang: Starting with commons-lang:commons-lang 2.0 to 2.6, and, from org.apache.comm… |
| CVE-2025-48459 | MEDIUM | 5.3 | 2025-09-24 | Deserialization of Untrusted Data vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 2.0.5. Users are recommended to upgrade to version 2.0.5, whi… |
| CVE-2025-59792 | MEDIUM | 5.3 | 2025-11-28 | Reveals plaintext credentials in the MONITOR command vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.0.0 through 2.13.0. Users are recommended to upgr… |
| CVE-2026-23903 | MEDIUM | 5.3 | 2026-02-09 | Authentication Bypass by Alternate Name vulnerability in Apache Shiro. This issue affects Apache Shiro: before 2.0.7. Users are recommended to upgrade to version 2.0.7, which fi… |
| CVE-2025-59060 | MEDIUM | 5.3 | 2026-03-03 | Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.… |
| CVE-2026-31924 | MEDIUM | 5.3 | 2026-04-14 | Cleartext Transmission of Sensitive Information vulnerability in Apache APISIX. tencent-cloud-cls log export uses plaintext HTTP. This issue affects Apache APISIX: from 2.99.0 thr… |
| CVE-2026-33857 | MEDIUM | 5.3 | 2026-05-04 | Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4… |
| CVE-2026-34032 | MEDIUM | 5.3 | 2026-05-04 | Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to ver… |
| CVE-2026-33007 | MEDIUM | 5.3 | 2026-05-04 | A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward pr… |
| CVE-2026-42241 | MEDIUM | 5.3 | 2026-05-07 | ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc using … |
| CVE-2026-45205 | MEDIUM | 5.3 | 2026-05-14 | Uncontrolled Recursion vulnerability in Apache Commons. When processing an untrusted configuration file, Commons Configuration will throw a StackOverflowError for YAML input with… |
| CVE-2026-31387 | MEDIUM | 5.3 | 2026-05-19 | Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the is… |
| CVE-2026-31388 | MEDIUM | 5.3 | 2026-05-19 | Improper Access Control vulnerability in Apache OFBiz in multi-tenant deployments. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version … |
| CVE-2026-49328 | MEDIUM | 5.3 | 2026-06-01 | Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network r… |
| CVE-2013-1862 | MEDIUM | 5.1 | 2013-06-10 | mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remo… |
| CVE-2001-1510 | MEDIUM | 5.0 | 2001-12-31 | Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files … |
| CVE-2002-1592 | MEDIUM | 5.0 | 2002-05-06 | The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, w… |
| CVE-2002-0249 | MEDIUM | 5.0 | 2002-05-29 | PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed a… |
| CVE-2002-0654 | MEDIUM | 5.0 | 2002-09-05 | Apache 2.0 through 2.0.39 on Windows, OS2, and Netware allows remote attackers to determine the full pathname of the server via (1) a request for a .var file, which leaks the path… |
| CVE-2002-1593 | MEDIUM | 5.0 | 2002-09-25 | mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of se… |
| CVE-2002-1156 | MEDIUM | 5.0 | 2002-10-11 | Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. |
| CVE-2003-0017 | MEDIUM | 5.0 | 2003-02-07 | Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes… |
| CVE-2003-0083 | MEDIUM | 5.0 | 2003-04-02 | Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 do not filter terminal escape sequences from their access logs, which could make it easier for attackers to insert th… |
| CVE-2003-0132 | MEDIUM | 5.0 | 2003-04-11 | A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache t… |
| CVE-2003-0134 | MEDIUM | 5.0 | 2003-04-11 | Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device na… |
| CVE-2003-0189 | MEDIUM | 5.0 | 2003-06-09 | The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers… |
| CVE-2003-0245 | MEDIUM | 5.0 | 2003-06-09 | Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (cras… |
| CVE-2003-0253 | MEDIUM | 5.0 | 2003-08-18 | The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. |
| CVE-2003-0254 | MEDIUM | 5.0 | 2003-08-18 | Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an… |
| CVE-2003-1138 | MEDIUM | 5.0 | 2003-10-27 | The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is… |
| CVE-2003-1172 | MEDIUM | 5.0 | 2003-12-31 | Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot d… |
| CVE-2004-0113 | MEDIUM | 5.0 | 2004-03-29 | Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL p… |
| CVE-2004-0173 | MEDIUM | 5.0 | 2004-04-15 | Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL co… |
| CVE-2004-0809 | MEDIUM | 5.0 | 2004-09-16 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location t… |
| CVE-2004-0748 | MEDIUM | 5.0 | 2004-10-20 | mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child proc… |
| CVE-2004-0751 | MEDIUM | 5.0 | 2004-10-20 | The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentatio… |
| CVE-2004-0786 | MEDIUM | 5.0 | 2004-10-20 | The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as… |
| CVE-2004-0263 | MEDIUM | 5.0 | 2004-11-23 | PHP 4.3.4 and earlier in Apache 1.x and 2.x (mod_php) can leak global variables between virtual hosts that are handled by the same Apache child process but have different settings… |
| CVE-2004-0942 | MEDIUM | 5.0 | 2005-02-09 | Apache webserver 2.0.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request with a MIME header containing multiple lines wit… |
| CVE-2005-2728 | MEDIUM | 5.0 | 2005-08-30 | The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. |
| CVE-2005-2970 | MEDIUM | 5.0 | 2005-10-25 | Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections,… |
| CVE-2006-0042 | MEDIUM | 5.0 | 2006-02-18 | Unspecified vulnerability in (1) apreq_parse_headers and (2) apreq_parse_urlencoded functions in Apache2::Request (Libapreq2) before 2.07 allows remote attackers to cause a denial… |
| CVE-2006-1292 | MEDIUM | 5.0 | 2006-03-19 | Directory traversal vulnerability in Jim Hu and Chad Little PHP iCalendar 2.21 and earlier allows remote attackers to include and execute arbitrary local files via directory trave… |
| CVE-2007-0419 | MEDIUM | 5.0 | 2007-01-23 | The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote attackers to cause a denial of serv… |
| CVE-2007-1349 | MEDIUM | 5.0 | 2007-03-30 | PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attack… |
| CVE-2007-1862 | MEDIUM | 5.0 | 2007-06-04 | The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously … |
| CVE-2007-3847 | MEDIUM | 5.0 | 2007-08-23 | The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching for… |
| CVE-2007-5085 | MEDIUM | 5.0 | 2007-09-26 | Unspecified vulnerability in the management EJB (MEJB) in Apache Geronimo before 2.0.2 allows remote attackers to bypass authentication and obtain "access to Geronimo internals" v… |
| CVE-2008-2364 | MEDIUM | 5.0 | 2008-06-13 | The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim r… |
| CVE-2008-5676 | MEDIUM | 5.0 | 2008-12-19 | Multiple unspecified vulnerabilities in the ModSecurity (aka mod_security) module 2.5.0 through 2.5.5 for the Apache HTTP Server, when SecCacheTransformations is enabled, allow re… |
| CVE-2008-6504 | MEDIUM | 5.0 | 2009-03-23 | ParametersInterceptor in OpenSymphony XWork 2.0.x before 2.0.6 and 2.1.x before 2.1.2, as used in Apache Struts and other products, does not properly restrict # (pound sign) refer… |
| CVE-2008-6505 | MEDIUM | 5.0 | 2009-03-23 | Multiple directory traversal vulnerabilities in Apache Struts 2.0.x before 2.0.12 and 2.1.x before 2.1.3 allow remote attackers to read arbitrary files via a ..%252f (encoded dot … |
| CVE-2009-1191 | MEDIUM | 5.0 | 2009-04-23 | mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier … |
| CVE-2009-2299 | MEDIUM | 5.0 | 2009-07-02 | The Artofdefence Hyperguard Web Application Firewall (WAF) module before 2.5.5-11635, 3.0 before 3.0.3-11636, and 3.1 before 3.1.1-11637, a module for the Apache HTTP Server, allo… |
| CVE-2009-2625 | MEDIUM | 5.0 | 2009-08-06 | XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products… |
| CVE-2010-0408 | MEDIUM | 5.0 | 2010-03-05 | The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2.x before 2.2.15 does not properly handle certain situations in which a client s… |
| CVE-2010-2068 | MEDIUM | 5.0 | 2010-06-18 | mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving … |
| CVE-2010-1452 | MEDIUM | 5.0 | 2010-07-28 | The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lack… |
| CVE-2010-2791 | MEDIUM | 5.0 | 2010-08-05 | mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend connection if a timeout occurs when reading a response from a persistent connectio… |
| CVE-2010-2057 | MEDIUM | 5.0 | 2010-10-20 | shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MA… |
| CVE-2010-4476 | MEDIUM | 5.0 | 2011-02-17 | The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlie… |
| CVE-2011-2088 | MEDIUM | 5.0 | 2011-05-13 | XWork 2.2.1 in Apache Struts 2.2.1, and OpenSymphony XWork in OpenSymphony WebWork, allows remote attackers to obtain potentially sensitive information about internal Java class p… |
| CVE-2011-1752 | MEDIUM | 5.0 | 2011-06-06 | The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereferenc… |
| CVE-2011-2516 | MEDIUM | 5.0 | 2011-07-11 | Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to caus… |
| CVE-2011-3368 | MEDIUM | 5.0 | 2011-10-05 | The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) … |
| CVE-2007-6750 | MEDIUM | 5.0 | 2011-12-27 | The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lac… |
| CVE-2011-5057 | MEDIUM | 5.0 | 2012-01-08 | Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might … |
| CVE-2012-1181 | MEDIUM | 5.0 | 2012-03-19 | fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for… |
| CVE-2012-0256 | MEDIUM | 5.0 | 2012-03-26 | Apache Traffic Server 2.0.x and 3.0.x before 3.0.4 and 3.1.x before 3.1.3 does not properly allocate heap memory, which allows remote attackers to cause a denial of service (daemo… |
| CVE-2012-2138 | MEDIUM | 5.0 | 2012-07-09 | The @CopyFrom operation in the POST servlet in the org.apache.sling.servlets.post bundle before 2.1.2 in Apache Sling does not prevent attempts to copy an ancestor node to a desce… |
| CVE-2012-4387 | MEDIUM | 5.0 | 2012-09-05 | Apache Struts 2.0.0 through 2.3.4 allows remote attackers to cause a denial of service (CPU consumption) via a long parameter name, which is processed as an OGNL expression. |
| CVE-2012-4557 | MEDIUM | 5.0 | 2012-11-30 | The mod_proxy_ajp module in the Apache HTTP Server 2.2.12 through 2.2.21 places a worker node into an error state upon detection of a long request-processing time, which allows re… |
| CVE-2012-4528 | MEDIUM | 5.0 | 2012-12-28 | The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart req… |
| CVE-2013-0239 | MEDIUM | 5.0 | 2013-03-12 | Apache CXF before 2.5.9, 2.6.x before 2.6.6, and 2.7.x before 2.7.3, when the plaintext UsernameToken WS-SecurityPolicy is enabled, allows remote attackers to bypass authenticatio… |
| CVE-2013-2765 | MEDIUM | 5.0 | 2013-07-15 | The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption)… |
| CVE-2013-2160 | MEDIUM | 5.0 | 2013-08-19 | The streaming XML parser in Apache CXF 2.5.x before 2.5.10, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to cause a denial of service (CPU and memory consump… |
| CVE-2013-2254 | MEDIUM | 5.0 | 2013-10-17 | The deepGetOrCreateNode function in impl/operations/AbstractCreateOperation.java in org.apache.sling.servlets.post.bundle 2.2.0 and 2.3.0 in Apache Sling does not properly handle … |
| CVE-2013-4295 | MEDIUM | 5.0 | 2013-10-24 | The gadget renderer in Apache Shindig 2.5.0 for PHP allows remote attackers to obtain sensitive information via an XML document containing an external entity declaration in conjun… |
| CVE-2014-0094 | MEDIUM | 5.0 | 2014-03-11 | The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. |
| CVE-2013-6438 | MEDIUM | 5.0 | 2014-03-18 | The dav_xml_get_cdata function in main/util.c in the mod_dav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, whic… |
| CVE-2014-0098 | MEDIUM | 5.0 | 2014-03-18 | The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server before 2.4.8 allows remote attackers to cause a denial of service (segmentation … |
| CVE-2012-5641 | MEDIUM | 5.0 | 2014-03-18 | Directory traversal vulnerability in the partition2 function in mochiweb_util.erl in MochiWeb before 2.4.0, as used in Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x b… |
| CVE-2013-5704 | MEDIUM | 5.0 | 2014-04-15 | The mod_headers module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent … |
| CVE-2013-5705 | MEDIUM | 5.0 | 2014-04-15 | apache2/modsecurity.c in ModSecurity before 2.7.6 allows remote attackers to bypass rules by using chunked transfer coding with a capitalized Chunked value in the Transfer-Encodin… |
| CVE-2013-7372 | MEDIUM | 5.0 | 2014-04-29 | The engineNextBytes function in classlib/modules/security/src/main/java/common/org/apache/harmony/security/provider/crypto/SHA1PRNG_SecureRandomImpl.java in the SecureRandom imple… |
| CVE-2011-4367 | MEDIUM | 5.0 | 2014-06-19 | Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arb… |
| CVE-2014-0231 | MEDIUM | 5.0 | 2014-07-20 | The mod_cgid module in the Apache HTTP Server before 2.4.10 does not have a timeout mechanism, which allows remote attackers to cause a denial of service (process hang) via a requ… |
| CVE-2014-3523 | MEDIUM | 5.0 | 2014-07-20 | Memory leak in the winnt_accept function in server/mpm/winnt/child.c in the WinNT MPM in the Apache HTTP Server 2.4.x before 2.4.10 on Windows, when the default AcceptFilter is en… |
| CVE-2014-3581 | MEDIUM | 5.0 | 2014-10-10 | The cache_merge_headers_out function in modules/cache/cache_util.c in the mod_cache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of ser… |
| CVE-2014-3584 | MEDIUM | 5.0 | 2014-10-30 | The SamlHeaderInHandler in Apache CXF before 2.6.11, 2.7.x before 2.7.8, and 3.0.x before 3.0.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted … |
| CVE-2014-3623 | MEDIUM | 5.0 | 2014-10-30 | Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML … |
| CVE-2014-3627 | MEDIUM | 5.0 | 2014-12-05 | The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions… |
| CVE-2014-3583 | MEDIUM | 5.0 | 2014-12-15 | The handle_headers function in mod_proxy_fcgi.c in the mod_proxy_fcgi module in the Apache HTTP Server 2.4.10 allows remote FastCGI servers to cause a denial of service (buffer ov… |
| CVE-2014-8152 | MEDIUM | 5.0 | 2015-01-21 | Apache Santuario XML Security for Java 2.0.x before 2.0.3 allows remote attackers to bypass the streaming XML signature protection mechanism via a crafted XML document. |
| CVE-2015-0227 | MEDIUM | 5.0 | 2015-02-12 | Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedEncryptedDataElements configuration via a vectors related to "wrapping attacks." |
| CVE-2015-0228 | MEDIUM | 5.0 | 2015-03-08 | The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process… |
| CVE-2015-0263 | MEDIUM | 5.0 | 2015-06-03 | XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allows remote attacke… |
| CVE-2015-0264 | MEDIUM | 5.0 | 2015-06-03 | Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel before 2.13.4 and 2.14.x before 2.14.2 allow remote attackers to read arbitrary… |
| CVE-2015-0253 | MEDIUM | 5.0 | 2015-07-20 | The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a de… |
| CVE-2015-3183 | MEDIUM | 5.0 | 2015-07-20 | The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smu… |
| CVE-2015-3184 | MEDIUM | 5.0 | 2015-08-12 | mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote ano… |
| CVE-2023-23638 | MEDIUM | 5.0 | 2023-03-08 | A deserialization vulnerability existed in Dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior v… |
| CVE-2023-35887 | MEDIUM | 5.0 | 2023-07-10 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a … |
| CVE-2023-27523 | MEDIUM | 5.0 | 2023-09-06 | Improper data authorization check on Jinja templated queries in Apache Superset up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they… |
| CVE-2025-30474 | MEDIUM | 5.0 | 2025-03-23 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Commons VFS. The FtpFileObject class can throw an exception when a file is not found, revealing… |
| CVE-2004-2650 | MEDIUM | 4.9 | 2004-12-31 | Spooler in Apache Foundation James 2.2.0 allows local users to cause a denial of service (memory consumption) by triggering various error conditions in the retrieve function, whic… |
| CVE-2007-3303 | MEDIUM | 4.9 | 2007-06-20 | Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop r… |
| CVE-2009-1195 | MEDIUM | 4.9 | 2009-05-28 | The Apache HTTP Server 2.2.11 and earlier 2.2 versions do not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges … |
| CVE-2016-0731 | MEDIUM | 4.9 | 2016-05-18 | The File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to read arbitrary files via a file: URL in the WebHDFS URL configuration. |
| CVE-2018-1322 | MEDIUM | 4.9 | 2018-03-20 | An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can … |
| CVE-2018-6185 | MEDIUM | 4.9 | 2019-06-07 | In Cloudera Navigator Key Trustee KMS 5.12 and 5.13, incorrect default ACL values allow remote access to purge and undelete API calls on encryption zone keys. The Navigator Key Tr… |
| CVE-2023-25504 | MEDIUM | 4.9 | 2023-04-17 | A malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery… |
| CVE-2023-30776 | MEDIUM | 4.9 | 2023-04-24 | An authenticated user with specific data permissions could access database connections stored passwords by requesting a specific REST API. This issue affects Apache Superset versi… |
| CVE-2024-52067 | MEDIUM | 4.9 | 2024-11-21 | Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. An authorized a… |
| CVE-2021-29425 | MEDIUM | 4.8 | 2021-04-13 | In Apache Commons IO before 2.7, when invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value… |
| CVE-2024-45478 | MEDIUM | 4.8 | 2025-01-21 | Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this… |
| CVE-2025-68161 | MEDIUM | 4.8 | 2025-12-18 | The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https:… |
| CVE-2026-40557 | MEDIUM | 4.8 | 2026-04-27 | Improper Certificate Validation via Global SSL Context Downgrade in Apache Storm Prometheus Reporter. Versions Affected: from 2.6.3 to 2.8.6. Description: In production deploy… |
| CVE-2026-33006 | MEDIUM | 4.8 | 2026-05-04 | A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.… |
| CVE-2007-3304 | MEDIUM | 4.7 | 2007-06-20 | Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to refer… |
| CVE-2018-1334 | MEDIUM | 4.7 | 2018-07-12 | In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersona… |
| CVE-2021-32786 | MEDIUM | 4.7 | 2021-07-22 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID… |
| CVE-2021-39191 | MEDIUM | 4.7 | 2021-09-03 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID… |
| CVE-2022-38170 | MEDIUM | 4.7 | 2022-09-02 | In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the `--daemon` flag which could result in a race condition giv… |
| CVE-2022-23527 | MEDIUM | 4.7 | 2022-12-14 | mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When p… |
| CVE-2024-26280 | MEDIUM | 4.7 | 2024-03-01 | Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated Ops and Viewers users to view all information on audit logs, including dag names and usernames… |
| CVE-2012-0031 | MEDIUM | 4.6 | 2012-01-18 | scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other im… |
| CVE-2013-1048 | MEDIUM | 4.6 | 2013-03-06 | The Debian apache2ctl script in the apache2 package squeeze before 2.2.16-6+squeeze11, wheezy before 2.2.22-13, and sid before 2.2.22-13 for the Apache HTTP Server on Debian GNU/L… |
| CVE-2024-37389 | MEDIUM | 4.6 | 2024-07-08 | Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that is vulnerable to cross-site scripting. An a… |
| CVE-2024-45477 | MEDIUM | 4.6 | 2024-10-29 | Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site sc… |
| CVE-2007-1743 | MEDIUM | 4.4 | 2007-04-13 | suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities … |
| CVE-2011-3607 | MEDIUM | 4.4 | 2011-11-08 | Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allo… |
| CVE-2012-0216 | MEDIUM | 4.4 | 2012-04-22 | The default configuration of the apache2 package in Debian GNU/Linux squeeze before 2.2.16-6+squeeze7, wheezy before 2.2.22-4, and sid before 2.2.22-4, when mod_php or mod_rivet i… |
| CVE-2023-31207 | MEDIUM | 4.4 | 2023-05-02 | Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apa… |
| CVE-2000-1205 | MEDIUM | 4.3 | 2000-02-01 | Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), whi… |
| CVE-2005-2088 | MEDIUM | 4.3 | 2005-07-05 | The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall prote… |
| CVE-2005-3352 | MEDIUM | 4.3 | 2005-12-13 | Cross-site scripting (XSS) vulnerability in the mod_imap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitr… |
| CVE-2006-3918 | MEDIUM | 4.3 | 2006-07-28 | http_protocol.c in (1) IBM HTTP Server 6.0 before 6.0.2.13 and 6.1 before 6.1.0.1, and (2) Apache HTTP Server 1.3 before 1.3.35, 2.0 before 2.0.58, and 2.2 before 2.2.2, does not … |
| CVE-2006-4110 | MEDIUM | 4.3 | 2006-08-14 | Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass… |
| CVE-2007-1539 | MEDIUM | 4.3 | 2007-03-20 | Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the modul… |
| CVE-2007-6203 | MEDIUM | 4.3 | 2007-12-03 | Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error mess… |
| CVE-2007-5000 | MEDIUM | 4.3 | 2007-12-13 | Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the… |
| CVE-2007-6388 | MEDIUM | 4.3 | 2008-01-08 | Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page … |
| CVE-2007-6420 | MEDIUM | 4.3 | 2008-01-12 | Cross-site request forgery (CSRF) vulnerability in the balancer-manager in mod_proxy_balancer for Apache HTTP Server 2.2.x allows remote attackers to gain privileges via unspecifi… |
| CVE-2008-0005 | MEDIUM | 4.3 | 2008-01-12 | mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site… |
| CVE-2008-0455 | MEDIUM | 4.3 | 2008-01-25 | Cross-site scripting (XSS) vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and… |
| CVE-2008-2168 | MEDIUM | 4.3 | 2008-05-13 | Cross-site scripting (XSS) vulnerability in Apache 2.2.6 and earlier allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded URLs that are not properly ha… |
| CVE-2008-2939 | MEDIUM | 4.3 | 2008-08-06 | Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 a… |
| CVE-2008-6682 | MEDIUM | 4.3 | 2009-04-09 | Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.x before 2.0.11.1 and 2.1.x before 2.1.1 allow remote attackers to inject arbitrary web script or HTML via… |
| CVE-2009-0038 | MEDIUM | 4.3 | 2009-04-17 | Multiple cross-site scripting (XSS) vulnerabilities in the web administration console in Apache Geronimo Application Server 2.1 through 2.1.3 allow remote attackers to inject arbi… |
| CVE-2008-6879 | MEDIUM | 4.3 | 2009-07-30 | Cross-site scripting (XSS) vulnerability in Apache Roller 2.3, 3.0, 3.1, and 4.0 allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search act… |
| CVE-2009-1885 | MEDIUM | 4.3 | 2009-08-11 | Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application … |
| CVE-2003-1580 | MEDIUM | 4.3 | 2010-02-05 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved … |
| CVE-2010-0434 | MEDIUM | 4.3 | 2010-03-05 | The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests … |
| CVE-2010-2952 | MEDIUM | 4.3 | 2010-09-13 | Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS source ports and transaction IDs, and does not properly use DNS query fields to v… |
| CVE-2011-1176 | MEDIUM | 4.3 | 2011-03-29 | The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain c… |
| CVE-2011-2087 | MEDIUM | 4.3 | 2011-05-13 | Multiple cross-site scripting (XSS) vulnerabilities in component handlers in the javatemplates (aka Java Templates) plugin in Apache Struts 2.x before 2.2.3 allow remote attackers… |
| CVE-2011-0419 | MEDIUM | 4.3 | 2011-05-16 | Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, … |
| CVE-2011-1928 | MEDIUM | 4.3 | 2011-05-24 | The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a den… |
| CVE-2011-3348 | MEDIUM | 4.3 | 2011-09-20 | The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service… |
| CVE-2011-3639 | MEDIUM | 4.3 | 2011-11-30 | The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1… |
| CVE-2011-4317 | MEDIUM | 4.3 | 2011-11-30 | The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly… |
| CVE-2012-0053 | MEDIUM | 4.3 | 2012-01-28 | protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows … |
| CVE-2012-1006 | MEDIUM | 4.3 | 2012-02-07 | Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.0.14 and 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) lastNam… |
| CVE-2012-3502 | MEDIUM | 4.3 | 2012-08-22 | The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does … |
| CVE-2012-3451 | MEDIUM | 4.3 | 2012-09-24 | Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action Str… |
| CVE-2012-2378 | MEDIUM | 4.3 | 2013-01-05 | Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the clie… |
| CVE-2012-3499 | MEDIUM | 4.3 | 2013-02-26 | Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script … |
| CVE-2012-4558 | MEDIUM | 4.3 | 2013-02-26 | Multiple cross-site scripting (XSS) vulnerabilities in the balancer_handler function in the manager interface in mod_proxy_balancer.c in the mod_proxy_balancer module in the Apach… |
| CVE-2013-1896 | MEDIUM | 4.3 | 2013-07-10 | mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segment… |
| CVE-2013-6289 | MEDIUM | 4.3 | 2013-10-28 | Cross-site scripting (XSS) vulnerability in the Apache Solr for TYPO3 (solr) extension before 2.8.3 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via un… |
| CVE-2013-6348 | MEDIUM | 4.3 | 2013-11-02 | Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 2.3.15.3 allow remote attackers to inject arbitrary web script or HTML via the namespace parameter to (1) acti… |
| CVE-2014-0109 | MEDIUM | 4.3 | 2014-05-08 | Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (memory consumption) via a large request with the Content-Type set to text/ht… |
| CVE-2014-0110 | MEDIUM | 4.3 | 2014-05-08 | Apache CXF before 2.6.14 and 2.7.x before 2.7.11 allows remote attackers to cause a denial of service (/tmp disk consumption) via a large invalid SOAP message. |
| CVE-2014-0034 | MEDIUM | 4.3 | 2014-07-07 | The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not properly validate SAML tokens when caching is enabled, which allows remote attackers to … |
| CVE-2014-0035 | MEDIUM | 4.3 | 2014-07-07 | The SymmetricBinding in Apache CXF before 2.6.13 and 2.7.x before 2.7.10, when EncryptBeforeSigning is enabled and the UsernameToken policy is set to an EncryptedSupportingToken, … |
| CVE-2013-4352 | MEDIUM | 4.3 | 2014-07-20 | The cache_invalidate function in modules/cache/cache_storage.c in the mod_cache module in the Apache HTTP Server 2.4.6, when a caching forward proxy is enabled, allows remote HTTP… |
| CVE-2014-0117 | MEDIUM | 4.3 | 2014-07-20 | The mod_proxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service (child-process crash) via… |
| CVE-2014-0118 | MEDIUM | 4.3 | 2014-07-20 | The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attack… |
| CVE-2014-8109 | MEDIUM | 4.3 | 2014-12-29 | mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not support an httpd configuration in which the same Lua authorization provider is us… |
| CVE-2015-2944 | MEDIUM | 4.3 | 2015-06-02 | Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web scr… |
| CVE-2015-3185 | MEDIUM | 4.3 | 2015-07-20 | The ap_some_auth_required function in server/request.c in the Apache HTTP Server 2.4.x before 2.4.14 does not consider that a Require directive may be associated with an authoriza… |
| CVE-2015-4928 | MEDIUM | 4.3 | 2015-11-08 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to ob… |
| CVE-2017-12625 | MEDIUM | 4.3 | 2017-11-01 | Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache… |
| CVE-2016-8612 | MEDIUM | 4.3 | 2018-03-09 | Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmenta… |
| CVE-2018-1314 | MEDIUM | 4.3 | 2018-11-08 | In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do "EXPLAIN"… |
| CVE-2019-12938 | MEDIUM | 4.3 | 2019-06-24 | The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attack… |
| CVE-2023-34149 | MEDIUM | 4.3 | 2023-06-14 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts. This issue affects Apache Struts: through 2.5.30, through 6.1.2. Up… |
| CVE-2023-34396 | MEDIUM | 4.3 | 2023-06-14 | Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts. This issue affects Apache Struts: through 2.5.30, through 6.1.2. Up… |
| CVE-2023-40589 | MEDIUM | 4.3 | 2023-08-31 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions there is a Global-Buffer-Overflow in the ncrush_deco… |
| CVE-2023-27526 | MEDIUM | 4.3 | 2023-09-06 | A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0. |
| CVE-2023-36388 | MEDIUM | 4.3 | 2023-09-06 | Improper REST API permission in Apache Superset up to and including 2.1.0 allows authenticated Gamma users to test network connections, possible SSRF. |
| CVE-2023-39264 | MEDIUM | 4.3 | 2023-09-06 | By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset ve… |
| CVE-2023-32672 | MEDIUM | 4.3 | 2023-09-06 | An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not … |
| CVE-2023-40611 | MEDIUM | 4.3 | 2023-09-12 | Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting … |
| CVE-2023-45348 | MEDIUM | 4.3 | 2023-10-14 | Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config"… |
| CVE-2023-46288 | MEDIUM | 4.3 | 2023-10-23 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.4.0 to 2.7.0. Sensitive configuration informat… |
| CVE-2023-47037 | MEDIUM | 4.3 | 2023-11-12 | We failed to apply CVE-2023-40611 in 2.7.1 and this vulnerability was marked as fixed then. Apache Airflow, versions before 2.7.3, is affected by a vulnerability that allows aut… |
| CVE-2023-42501 | MEDIUM | 4.3 | 2023-11-27 | Unnecessary read permissions within the Gamma role would allow authenticated users to read configured CSS templates and annotations. This issue affects Apache Superset: before 2.1… |
| CVE-2023-43701 | MEDIUM | 4.3 | 2023-11-27 | Improper payload validation and an improper REST API response type, made it possible for an authenticated malicious actor to store malicious code into Chart's metadata, this code … |
| CVE-2023-48291 | MEDIUM | 4.3 | 2023-12-21 | Apache Airflow, in versions prior to 2.8.0, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could giv… |
| CVE-2024-47554 | MEDIUM | 4.3 | 2024-10-03 | Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing … |
| CVE-2024-54016 | MEDIUM | 4.3 | 2025-03-20 | Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Apache Seata (incubating). This issue affects Apache Seata (incubating): through <=2.2.0. Users… |
| CVE-2025-27427 | MEDIUM | 4.3 | 2025-04-01 | A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type support… |
| CVE-2026-32642 | MEDIUM | 4.3 | 2026-03-24 | Incorrect Authorization (CWE-863) vulnerability in Apache Artemis, Apache ActiveMQ Artemis exists when an application using the OpenWire protocol attempts to create a non-durable … |
| CVE-2026-33929 | MEDIUM | 4.3 | 2026-04-14 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache PDFBox Examples. This issue affects the ExtractEmbeddedFiles example in Ap… |
| CVE-2026-40914 | MEDIUM | 4.3 | 2026-05-28 | A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address c… |
| CVE-2019-0197 | MEDIUM | 4.2 | 2019-06-11 | A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request fro… |
| CVE-2007-6422 | MEDIUM | 4.0 | 2008-01-08 | The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated use… |
| CVE-2015-5253 | MEDIUM | 4.0 | 2015-11-18 | The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML respo… |
| CVE-2023-39265 | LOW | 3.8 | 2023-09-06 | Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database i… |
| CVE-2007-1742 | LOW | 3.7 | 2007-04-13 | suexec in Apache HTTP Server (httpd) 2.2.3 uses a partial comparison for verifying whether the current directory is within the document root, which might allow local users to perf… |
| CVE-2018-1284 | LOW | 3.7 | 2018-04-05 | In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to… |
| CVE-2018-1315 | LOW | 3.7 | 2018-04-05 | In Apache Hive 2.1.0 to 2.3.2, when 'COPY FROM FTP' statement is run using HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arb… |
| CVE-2020-9488 | LOW | 3.7 | 2020-04-27 | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which cou… |
| CVE-2026-24656 | LOW | 3.7 | 2026-01-26 | Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector expos… |
| CVE-2007-5731 | LOW | 3.5 | 2007-10-30 | Absolute path traversal vulnerability in Apache Jakarta Slide 2.1 and earlier allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies a… |
| CVE-2007-6421 | LOW | 3.5 | 2008-01-08 | Cross-site scripting (XSS) vulnerability in balancer-manager in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inject arbitrary web sc… |
| CVE-2014-0848 | LOW | 3.5 | 2014-03-26 | The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 before 2.0.0.4 have weak SSLCipherSuite values, which makes it … |
| CVE-2015-3186 | LOW | 3.5 | 2015-11-02 | Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field… |
| CVE-2001-0131 | LOW | 3.3 | 2001-03-12 | htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2016-0707 | LOW | 3.3 | 2016-05-18 | The agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data and (2) /var/lib/ambari-agent/keys directories, which allows local users to ob… |
| CVE-2013-2192 | LOW | 3.2 | 2014-01-24 | The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in… |
| CVE-2021-32792 | LOW | 3.1 | 2021-07-26 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID… |
| CVE-2023-27525 | LOW | 3.1 | 2023-04-17 | An authenticated user with Gamma role authorization could have access to metadata information using non-trivial methods in Apache Superset up to and including 2.0.1. |
| CVE-2026-44367 | LOW | 2.7 | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, a vulnerability exists in the user registration and login mechanisms due to i… |
| CVE-2002-1233 | LOW | 2.6 | 2002-11-04 | A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local… |
| CVE-2007-1358 | LOW | 2.6 | 2007-05-10 | Cross-site scripting (XSS) vulnerability in certain applications using Apache Tomcat 4.0.0 through 4.0.6 and 4.1.0 through 4.1.34 allows remote attackers to inject arbitrary web s… |
| CVE-2008-0456 | LOW | 2.6 | 2008-01-25 | CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and … |
| CVE-2009-3094 | LOW | 2.6 | 2009-09-08 | The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial … |
| CVE-2003-1581 | LOW | 2.6 | 2010-02-05 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conju… |
| CVE-2011-1772 | LOW | 2.6 | 2011-05-13 | Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject ar… |
| CVE-2012-0021 | LOW | 2.6 | 2012-01-28 | The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %… |
| CVE-2012-2687 | LOW | 2.6 | 2012-08-22 | Multiple cross-site scripting (XSS) vulnerabilities in the make_variant_list function in mod_negotiation.c in the mod_negotiation module in the Apache HTTP Server 2.4.x before 2.4… |
| CVE-2026-23901 | LOW | 2.5 | 2026-02-10 | Observable Timing Discrepancy vulnerability in Apache Shiro. This issue affects Apache Shiro: from 1.*, 2.* before 2.0.7. Users are recommended to upgrade to version 2.0.7 or la… |
| CVE-2004-1834 | LOW | 2.1 | 2004-03-20 | mod_disk_cache in Apache 2.0 through 2.0.49 stores client headers, including authentication information, on the hard disk, which could allow local users to gain sensitive informat… |
| CVE-2015-4940 | LOW | 2.1 | 2015-11-08 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain s… |
| CVE-2011-4415 | LOW | 1.2 | 2011-11-08 | The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the si… |
| CVE-2023-31007 | NONE | 0.0 | 2023-07-12 | Improper Authentication vulnerability in Apache Software Foundation Apache Pulsar Broker allows a client to stay connected to a broker after authentication data expires if the cli… |
| CVE-2025-31492 | N/A | — | 2025-04-06 | mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. Prio… |
| CVE-2026-4649 | N/A | — | 2026-03-24 | Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new message ( CVE-202… |
| CVE-2026-45080 | N/A | — | 2026-06-02 | Klaw is a self-service Apache Kafka Topic Management/Governance tool/portal. Prior to version 2.10.4, improper access control allows disclosure of password hash. This issue has be… |
| CVE-2026-43926 | N/A | — | 2026-06-04 | FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the password reset confirmation endpoint `/client/reset-password-confirm/:hash` is… |
Apache 2 remains a trusted web server platform, but its security depends entirely on keeping it updated. With 178 critical vulnerabilities identified and 10,501 websites still using vulnerable versions, the risk is real and immediate. Attackers are actively scanning for unpatched Apache servers to exploit flaws like Log4j2 injection, OGNL expression injection, and TLS protocol bypass attacks.
The solution is simple: update now and monitor continuously. SiteRecipe.com provides automated vulnerability scanning, patch management, and security recommendations specifically designed for Apache 2 environments. Our platform scans your website against the entire CVE database, identifies exploitable weaknesses, and guides you through remediation step-by-step. Don't wait for a breach to happen—secure your Apache 2 server today with SiteRecipe.com's comprehensive security analysis.