Filter

Software

apache http server
306
apache tomcat
211
apache struts
87
apache airflow
82
apache traffic server
69
apache openoffice
54
apache ofbiz
48
apache subversion
46
apache superset
45
apache nifi
40
apache activemq
39
apache cxf
39
apache solr
39
apache hadoop
35
apache inlong
26
apache cloudstack
25
apache openmeetings
24
apache camel
23
apache tika
23
apache jspwiki
22
apache geode
21
apache ambari
20
apache couchdb
20
apache spark
19
apache archiva
17
apache shiro
17
apache dubbo
16
apache fineract
16
apache log4j
16
apache qpid
16
apache dolphinscheduler
15
apache kylin
15
apache ranger
15
apache wicket
15
apache hive
14
apache pulsar
13
apache spamassassin
13
apache guacamole
12
apache james
12
apache karaf
12
apache linkis
12
apache roller
12
apache tapestry
12
apache atlas
11
apache batik
11
apache commons compress
11
apache geronimo
11
apache storm
11
apache syncope
11
apache activemq artemis
10
apache iotdb
10
apache ozone
10
apache tomee
10
apache xerces-c\+\+
10
apache cassandra
9
apache cordova
9
apache cordova android
9
apache druid
9
apache mesos
9
apache poi
9
apache portable runtime
9
apache shenyu
9
apache streampark
9
apache derby
8
apache pdfbox
8
apache qpid broker-j
8
apache zeppelin
8
apache axis
7
apache bookkeeper
7
apache ignite
7
apache impala
7
apache kafka
7
apache sling
7
apache apisix
6
apache apr-util
6
apache axis2
6
apache cxf fediz
6
apache drill
6
apache httpclient
6
apache jetspeed
6
apache juddi
6
apache mod python
6
apache pluto
6
apache santuario xml security for java
6
apache thrift
6
apache traffic control
6
apache xml security for c\+\+
6
apache zookeeper
6
apache allura
5
apache answer
5
apache apache-airflow-providers-apache-hive
5
apache commons fileupload
5
apache hbase
5
apache hertzbeat
5
apache myfaces
5
apache openoffice.org
5
apache wss4j
5
apache ant
4
apache any23
4
apache cocoon
4
apache jackrabbit
4
apache jena
4
apache mod fcgid
4
apache netbeans
4
apache nuttx
4
apache olingo
4
apache rocketmq
4
apache sling cms
4
apache sshd
4
apache streampipes
4
apache submarine
4
apache apache-airflow-providers-apache-spark
3
apache avro rust
3
apache brooklyn
3
apache commons beanutils
3
apache flink
3
apache flume
3
apache groovy
3
apache heron
3
apache ivy
3
apache jmeter
3
apache libapreq2
3
apache libcloud
3
apache mina
3
apache mod perl
3
apache oozie
3
apache pinot
3
apache pony mail
3
apache servicecomb
3
apache shardingsphere
3
apache skywalking
3
apache struts 2
3
apache tomcat jk connector
3
apache tomcat native
3
apache uimaj
3
apache unomi
3
apache virtual computing lab
3
apache xerces2 java
3
apache accumulo
2
apache airflow cncf kubernetes
2
apache apache
2
apache apache-airflow-providers-apache-drill
2
apache apache-airflow-providers-google
2
apache apache-airflow-providers-odbc
2
apache apisix dashboard
2
apache arrow
2
apache avro
2
apache beam
2
apache brpc
2
apache calcite
2
apache cayenne
2
apache commons configuration
2
apache commons email
2
apache commons imaging
2
apache commons jxpath
2
apache cordova file transfer
2
apache deltaspike
2
apache directory ldap api
2
apache directory studio
2
apache doris
2
apache gobblin
2
apache helix
2
apache isis
2
apache james server
2
apache knox
2
apache log4j2
2
apache log4net
2
apache maven
2
apache mina sshd
2
apache mod jk
2
apache mxnet
2
apache nifi minifi c\+\+
2
apache nifi registry
2
apache nutch
2
apache openwhisk
2
apache org.apache.sling.servlets.post
2
apache portable runtime utility
2
apache qpid proton
2
apache qpid-cpp
2
apache sentry
2
apache sling api
2
apache sling servlets post
2
apache soap
2
apache struts 1
2
apache synapse
2
apache tiles
2
apache tomcat connectors
2
apache tomcat jk web server connector
2
apache uimaducc
2
apache ws-xmlrpc
2
apache xalan-java
2
apache xerces-j
2
apache xml graphics batik
2
apache xml-rpc
2
apache activemq apollo
1
apache activemq legacy openwire module
1
apache age
1
apache airavata django portal
1
apache airflow celery provider
1
apache airflow hdfs provider
1
apache airflow hive provider
1
apache airflow spark provider
1
apache airflow sqoop provider
1
apache airflow's experimental api
1
apache amqp 0-x jms client
1
apache apache axis2\/c
1
apache apache calcite avatica
1
apache apache commons daemon
1
apache apache http server
1
apache apache webserver
1
apache apache-airflow-providers-amazon
1
apache apache-airflow-providers-apache-pig
1
apache apache-airflow-providers-apache-pinot
1
apache apache-airflow-providers-apache-sqoop
1
apache apache-airflow-providers-docker
1
apache apache-airflow-providers-fab
1
apache apache-airflow-providers-imap
1
apache apache-airflow-providers-jdbc
1
apache apache-airflow-providers-microsoft-mssql
1
apache apache-airflow-providers-mysql
1
apache apache-airflow-providers-smtp
1
apache asterixdb
1
apache aurora
1
apache chainsaw
1
apache commons bcel
1
apache commons collections
1
apache commons io
1
apache commons jelly
1
apache commons net
1
apache commons text
1
apache commons-httpclient
1
apache continuum
1
apache cordova in-app-browser
1
apache cordova inappbrowser
1
apache ddlutils
1
apache eventmesh
1
apache felix health check webconsole plugin
1
apache felix health checks
1
apache flex
1
apache flex blazeds
1
apache flink stateful functions
1
apache formatting objects processor
1
apache fortress
1
apache groovy ldap
1
apache hadoop yarn
1
apache hama
1
apache harmony
1
apache html\/java api
1
apache http server2.0a1
1
apache http server2.0a2
1
apache http server2.0a3
1
apache http server2.0a4
1
apache http server2.0a5
1
apache http server2.0a6
1
apache http server2.0a7
1
apache http server2.0a8
1
apache http server2.0a9
1
apache httpasyncclient
1
apache hugegraph
1
apache hugegraph-server
1
apache hupa
1
apache identity backend
1
apache iotdb web workbench
1
apache iotdb workbench
1
apache jackrabbit oak
1
apache jakarta slide
1
apache java chassis
1
apache jclouds
1
apache jena fuseki
1
apache jena sdb
1
apache jms client amqp
1
apache johnzon
1
apache jserv
1
apache kafka connect
1
apache kerby
1
apache kudu
1
apache ldap studio
1
apache livy
1
apache log4cxx
1
apache lucene
1
apache manifoldcf
1
apache maven archetype
1
apache maven shared utils
1
apache maven wagon
1
apache mod auth radius
1
apache mod dav svn
1
apache mod dontdothat
1
apache mod imap
1
apache mod-gnutls
1
apache myfaces tomahawk
1
apache myfaces trinidad
1
apache ode
1
apache openjpa
1
apache opennlp
1
apache opentaps
1
apache orc
1
apache orchestration director engine
1
apache parquet-mr
1
apache plc4x
1
apache pyarrow
1

Apache NiFiApache NiFi: Improper Neutralization of Input in Parameter Description

First published (updated )

Apache CloudStackApache CloudStack: Request origin validation bypass makes account takeover possible

8.8
First published (updated )

Apache CloudStackApache CloudStack: Incomplete session invalidation on web interface logout

7.1
First published (updated )

Apache CloudStackApache CloudStack Quota plugin: Access checks not enforced in Quota

First published (updated )

maven/org.apache.activemq:artemis-cliApache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache LuceneApache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue

First published (updated )

maven/org.apache.maven.plugins:maven-archetype-pluginMaven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials

7.5
First published (updated )

maven/org.apache.druid:druidApache Druid: Users can provide MySQL JDBC properties not on allow list

First published (updated )

maven/org.apache.druid.extensions:druid-pac4jApache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack

First published (updated )

maven/org.apache.seata:seata-coreApache Seata: Remote Code Execution vulnerability via Hessian Deserialization in Apache Seata Server

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache OFBizApache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE

First published (updated )

Apache OFBizApache OFBiz: Confused controller-view authorization logic (forced browsing)

First published (updated )

Apache Portable RuntimeApache Portable Runtime (APR): Unexpected lax shared memory permissions

First published (updated )

pip/apache-airflowApache Airflow: Stored XSS Vulnerability on provider link

First published (updated )

maven/org.apache.seatunnel:seatunnelApache SeaTunnel Web: Arbitrary file read vulnerability

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache HertzbeatGHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import

8.8
First published (updated )

Apache HertzbeatGHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull}

First published (updated )

maven/org.apache.sshd:sshd-commonApache MINA SSHD: integrity check bypass

First published (updated )

maven/org.apache.dolphinscheduler:dolphinschedulerApache DolphinScheduler: Resource File Read And Write Vulnerability

8.1
First published (updated )

go/github.com/apache/incubator-answerApache Answer: The link for resetting user password is not Single-Use

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

go/github.com/apache/incubator-answerApache Answer: The link to reset the user's password will remain valid after sending a new link

First published (updated )

Apache CloudStackApache CloudStack: Unauthorised Network List Access

First published (updated )

Apache CloudStackApache CloudStack: User Key Exposure to Domain Admins

7.2
First published (updated )

Apache IoTDB WorkbenchApache IoTDB Workbench: SSRF Vulnerability (EOL)

7.3
First published (updated )

Apache Apache-airflow-providers-fabApache Airflow Providers FAB: FAB provider 1.2.1 and 1.2.0 did not let user to logout for Airflow

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Apache OFBizApache OFBiz Incorrect Authorization Vulnerability

First published (updated )

maven/org.apache.inlong:tubemq-coreApache InLong TubeMQ Client: Remote Code Execution vulnerability

First published (updated )

maven/org.apache.linkis:linkisApache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability

First published (updated )

Apache Traffic ServerApache Traffic Server: Incomplete field name check allows request smuggling

7.5
First published (updated )

Apache Traffic ServerApache Traffic Server: Invalid Accept-Encoding can force forwarding requests

8.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203