Filter
-Infinity
0
Trending
Software
apache http server
384
apache struts 2
90
apache airflow
89
apache openoffice
81
apache traffic server
78
apache ofbiz
56
apache superset
54
apache cxf
52
apache nifi
51
apache activemq
46
apache solr
41
apache hadoop
35
apache inlong
29
apache cloudstack
25
apache ambari
24
apache james
24
apache openmeetings
24
apache couchdb
23
apache tika
23
apache jspwiki
22
apache geode
21
apache archiva
19
apache cassandra
19
apache dolphinscheduler
19
apache kylin
19
apache log4j
19
apache spark
19
apache ranger
18
apache zeppelin
18
apache pulsar
17
apache shiro
17
apache dubbo
16
apache wicket
16
apache qpid
15
apache activemq artemis
14
apache fineract
14
apache hive
14
apache roller
14
apache atlas
13
apache batik
13
apache commons compress
13
apache cordova
13
apache guacamole
11
apache karaf
11
apache tapestry
11
apache answer
10
apache druid
10
apache kafka
10
apache poi
10
apache portable runtime
10
Apache Superset: Improper authorization leading to source ownership takeover
First published (updated )
CVE-2025-27696: Apache Superset: Improper authorization leading to source ownership takeover
First published (updated )
Apache Commons ConfigurationApache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
EPSS
0.02%
Month
First published (updated )
CVE-2025-46392: Apache Commons Configuration: StackOverflowError loading untrusted configuration
First published (updated )
BleepingComputerApache Parquet exploit tool detect servers vulnerable to critical flaw
First published (updated )
News
BleepingComputerNever miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.activemq:activemq-clientApache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
First published (updated )
CVE-2025-27533: Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
First published (updated )
Apache ParquetApache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when reading an Avro schema from a Parquet file metadata
First published (updated )
CVE-2025-46762: Apache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when ading an Avro schema from a Parquet file metadata
First published (updated )
BleepingComputerSonicWall warns of more VPN flaws exploited in attacks
First published (updated )
News
BleepingComputerNever miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache ActiveMQ NMS OpenWire ClientApache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
First published (updated )
Apache ActiveMQ NMS OpenWire ClientZDI-25-266: Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
First published (updated )
CVE-2025-31651: Apache Tomcat: Bypass of rules in write Valve
First published (updated )
TomcatApache Tomcat: Bypass of rules in Rewrite Valve
First published (updated )
CVE-2025-31650: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
TomcatApache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
First published (updated )
TomcatApache Tomcat vulnerability
First published (updated )
Apache Traffic ServerApache Traffic Server vulnerability
First published (updated )
Apache Commons HttpClientApache HttpComponents: PSL (Public Suffix List) validation bypass
7.5
First published (updated )
debian/libapache2-mod-auth-openidcMod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled
5.3
EPSS
0.08%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HTTP ServerAn unauthenticated attacker can crash the Apache httpd process by sending an empty POST request when…
First published (updated )
Apache KvrocksApache Kvrocks: The server was crashed by the negative offset
7.5
First published (updated )
CVE-2025-26413: Apache Kvrocks: The server was crashed by the negative offset
First published (updated )
Apache ActiveMQ NMS OpenWire ClientApache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass
First published (updated )
CVE-2025-29953: Apache ActiveMQ NMS OpenWiClient: deserialization allowlist bypass
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Druid Monitoring Consolebaseweb JSite Apache Druid Monitoring Console index.html access control
6.9
EPSS
0.04%
First published (updated )
Dromara HertzbeatApache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
6.5
First published (updated )
CVE-2024-56736: Apache HertzBeat (incubating): Server-Side quest Forgery (SSRF) in Api Config Oss
First published (updated )
The RegisterHacktivism resurges – but don't be fooled, it's often state-backed goons in masks
First published (updated )
News
The RegisterCVE-2025-32896: Apache SeaTunnel: Unauthenticated insecuaccess
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.