Filter
-Infinity
0
Trending
Software
apache http server
385
apache airflow
90
apache struts 2
90
apache openoffice
81
apache traffic server
78
apache ofbiz
56
apache superset
54
apache cxf
52
apache nifi
51
apache activemq
46
apache solr
41
apache hadoop
35
apache inlong
29
apache cloudstack
25
apache ambari
24
apache james
24
apache openmeetings
24
apache couchdb
23
apache tika
23
apache jspwiki
22
apache geode
21
apache archiva
19
apache cassandra
19
apache dolphinscheduler
19
apache kylin
19
apache log4j
19
apache spark
19
apache ranger
18
apache zeppelin
18
apache pulsar
17
apache shiro
17
apache dubbo
16
apache wicket
16
apache qpid
15
apache activemq artemis
14
apache fineract
14
apache hive
14
apache iotdb
14
apache roller
14
apache atlas
13
apache batik
13
apache commons compress
13
apache cordova
13
apache guacamole
11
apache karaf
11
apache linkis
11
apache tapestry
11
apache answer
10
apache druid
10
apache kafka
10
maven/org.apache.iotdb:node-commonsApache IoTDB: Exposure of Sensitive Information in IoTDB OpenID Authentication
First published (updated )
maven/org.apache.iotdb:iotdb-jdbcApache IoTDB JDBC driver: Exposure of Sensitive Information in IoTDB JDBC driver
First published (updated )
Apache IoTDBApache IoTDB: Remote Code Execution with untrusted URI of User-defined function
First published (updated )
CVE-2025-26864: Apache IoTDB: Exposuof Sensitive Information in IoTDB OpenID Authentication
First published (updated )
CVE-2025-26795: Apache IoTDB JDBC driver: Exposuof Sensitive Information in IoTDB JDBC driver
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-24780: Apache IoTDB: mote Code Execution with untrusted URI of User-defined function
First published (updated )
Apache ORCApache ORC: Potential Heap Buffer Overflow during C++ LZO Decompression
EPSS
0.01%
First published (updated )
CVE-2025-47436: Apache ORC: Potential Heap Buffer Overflow during C++ LZO Decompssion
First published (updated )
OpenID mod_auth_openidcImportant: mod_auth_openidc security update
First published (updated )
Apache SupersetApache Superset: Improper authorization leading to resource ownership takeover
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-27696: Apache Superset: Improper authorization leading to source ownership takeover
First published (updated )
Apache Commons ConfigurationApache Commons Configuration: Uncontrolled Resource Consumption when loading untrusted configurations in 1.x
6.5
EPSS
0.04%
First published (updated )
CVE-2025-46392: Apache Commons Configuration: StackOverflowError loading untrusted configuration
First published (updated )
BleepingComputerApache Parquet exploit tool detect servers vulnerable to critical flaw
First published (updated )
News
BleepingComputermaven/org.apache.activemq:activemq-clientApache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2025-27533: Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation
First published (updated )
Apache ParquetApache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when reading an Avro schema from a Parquet file metadata
9.8
EPSS
0.09%
First published (updated )
CVE-2025-46762: Apache Parquet Java: Potential malicious code execution from trusted packages in the parquet-avro module when ading an Avro schema from a Parquet file metadata
First published (updated )
BleepingComputerSonicWall warns of more VPN flaws exploited in attacks
First published (updated )
News
BleepingComputerApache ActiveMQ NMS OpenWire ClientApache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache ActiveMQ NMS OpenWire ClientZDI-25-266: Apache ActiveMQ NMS Body Deserialization of Untrusted Data Remote Code Execution Vulnerability
First published (updated )
CVE-2025-31651: Apache Tomcat: Bypass of rules in write Valve
First published (updated )
TomcatApache Tomcat: Bypass of rules in Rewrite Valve
9.8
First published (updated )
CVE-2025-31650: Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
First published (updated )
TomcatApache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
TomcatApache Tomcat vulnerability
First published (updated )
Apache Traffic ServerApache Traffic Server vulnerability
First published (updated )
Apache Commons HttpClientApache HttpComponents: PSL (Public Suffix List) validation bypass
7.5
First published (updated )
Red Hat Enterprise LinuxMod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled
7.5
EPSS
0.08%
First published (updated )
Apache HTTP ServerAn unauthenticated attacker can crash the Apache httpd process by sending an empty POST request when…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.