Filter
-Infinity
0
Trending
Software
apache http server
379
apache struts 2
90
apache airflow
87
apache openoffice
81
apache traffic server
77
apache ofbiz
56
apache cxf
52
apache superset
52
apache nifi
51
apache activemq
44
apache solr
41
apache hadoop
35
apache inlong
28
apache cloudstack
25
apache openmeetings
24
apache ambari
23
apache couchdb
23
apache tika
23
apache james
22
apache jspwiki
22
apache geode
21
apache log4j
21
apache archiva
19
apache cassandra
19
apache dolphinscheduler
19
apache kylin
19
apache spark
19
apache ranger
18
apache pulsar
17
apache shiro
17
apache dubbo
16
apache wicket
16
apache qpid
15
apache activemq artemis
14
apache fineract
14
apache hive
14
apache roller
14
apache atlas
13
apache batik
13
apache commons compress
13
apache cordova
13
apache druid
11
apache guacamole
11
apache karaf
11
apache tapestry
11
apache kafka
10
apache poi
10
apache portable runtime
10
apache sling api
10
apache xerces-c++
10
Apache ActiveMQ NMS OpenWire ClientApache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass
Week
First published (updated )
CVE-2025-29953: Apache ActiveMQ NMS OpenWiClient: deserialization allowlist bypass
First published (updated )
Apache Druid Monitoring Consolebaseweb JSite Apache Druid Monitoring Console index.html access control
6.9
EPSS
0.03%
First published (updated )
Dromara HertzbeatApache HertzBeat: Server-Side Request Forgery (SSRF) in Api Config Oss
First published (updated )
CVE-2024-56736: Apache HertzBeat (incubating): Server-Side quest Forgery (SSRF) in Api Config Oss
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The RegisterHacktivism resurges – but don't be fooled, it's often state-backed goons in masks
First published (updated )
News
The RegisterCVE-2025-32896: Apache SeaTunnel: Unauthenticated insecuaccess
First published (updated )
Apache RollerApache Roller: Insufficient Session Expiration on Password Change
2.1
First published (updated )
CVE-2025-24859: Apache Roller: Insufficient Session Expiration on Password Change
First published (updated )
CVE-2025-29868: Apache Answer: Using externally fenced images can leak user privacy.
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache ActiveMQ ArtemisApache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log
6.8
First published (updated )
CVE-2025-27391: Apache ActiveMQ Artemis: Passwords leaking from broker properties in the debug log
First published (updated )
maven/org.apache.pulsar:pulsar-io-kafkaApache Pulsar IO Kafka Connector, Apache Pulsar IO Kafka Connect Adaptor: Sensitive information logged in Pulsar's Apache Kafka Connectors
6.3
First published (updated )
CVE-2025-30677: Apache Pulsar IO Kafka Connector, Apache Pulsar IO Kafka Connect Adaptor: Sensitive information logged in Pulsar's Apache Kafka Connectors
First published (updated )
Go beyond CVSS scores
First published (updated )
Social
redditNever miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache POIApache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could read unexpected data if underlying zip has duplicate zip entry names
5.3
EPSS
0.05%
First published (updated )
CVE-2025-31672: Apache POI: parsing OOXML based files (xlsx, docx, etc.), poi-ooxml could ad unexpected data if underlying zip has duplicate zip entry names
First published (updated )
The RegisterSignalgate solved? Reports claim accidental contact mix-up
First published (updated )
News
The RegisterCVE-2025-30473: Apache Airflow Common SQL Provider: mote Code Execution via Sql Injection
First published (updated )
CVE-2025-30473: Apache Airflow Common SQL Provider: mote Code Execution via Sql Injection
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
OpenID mod_auth_openidcmod_auth_openidc allows OIDCProviderAuthRequestMethod POSTs to leak protected data
8.2
EPSS
0.12%
First published (updated )
CVE-2025-30473: Apache Airflow Common SQL Provider: mote Code Execution via Sql Injection
First published (updated )
Apache Airflow Common SQL ProviderApache Airflow Common SQL Provider: Remote Code Execution via Sql Injection
8.8
First published (updated )
CVE-2025-30473: Apache Airflow Common SQL Provider: mote Code Execution via Sql Injection
First published (updated )
Apache Traffic ServerApache Traffic Server: Malformed chunked message body allows request smuggling
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
[ANNOUNCE] ATS is vulnerable to quest smuggling via chunked messages
First published (updated )
CVE-2025-29868: Apache Answer: Using externally fenced images can leak user privacy.
First published (updated )
🚨 New vulnerability in Apache Tomcat (CVE-2025-24813) 🚨
First published (updated )
Social
redditApache OFBizApache OFBiz: Stored XSS Vulnerability
6.1
EPSS
0.03%
First published (updated )
CVE-2025-30676: Apache OFBiz: Stod XSS Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.