Filter
AND
-Infinity
0
Trending
Software
apache http server
36
apache struts 2
27
apache ofbiz
20
apache openoffice
20
apache dubbo
13
apache hadoop
12
apache traffic server
12
apache airflow
11
apache log4j
11
apache inlong
10
apache shiro
9
apache solr
8
apache activemq
7
apache cloudstack
7
apache kylin
7
apache couchdb
6
apache cxf
6
apache geode
6
apache ignite
5
apache linkis
5
apache openmeetings
5
apache superset
5
apache tapestry
5
apache airflow hive provider
4
apache dolphinscheduler
4
apache fineract
4
apache iotdb
4
apache nifi
4
apache nuttx
4
apache portable runtime
4
apache ranger
4
apache spark
4
apache storm
4
apache struts 2 showcase
4
apache submarine
4
apache tomee
4
apache ambari
3
apache any23
3
apache cassandra
3
apache flume
3
apache james
3
apache jmeter
3
apache karaf
3
apache ozone
3
apache pulsar
3
apache shenyu
3
apache traffic control
3
apache xerces-c++
3
apache apisix
2
apache batik
2
Apache Seata ServerApache Seata (incubating): Deserialization of untrusted Data in jraft mode in Apache Seata Server
9.8
First published (updated )
Apache ParquetApache Parquet Java: Arbitrary code execution in the parquet-avro module when reading an Avro schema from a Parquet file metadata
First published (updated )
Apache AirflowApache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow
9.8
First published (updated )
maven/org.apache.inlong:manager-pojoApache Inlong JDBC Vulnerability
9.8
First published (updated )
TomcatApache Tomcat Improper Privilege Management Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CloudStackApache CloudStack: x-forwarded-for HTTP header parsed by default
9.8
EPSS
0.04%
First published (updated )
Apache Portable RuntimeApache Portable Runtime (APR): Windows out-of-bounds write in apr_socket_sendv function
9.8
First published (updated )
Apache Portable RuntimeApache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions
9.8
First published (updated )
Apache InLongApache InLong: Jdbc Connection Security Bypass
9.8
First published (updated )
F5 BIG-IP and BIG-IQ Centralized ManagementApache HTTP Server weakness with encoded question marks in backreferences
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Commons CollectionsSerialized-object interfaces in Java applications using the Apache Commons Collections (ACC) library…
9.8
First published (updated )
Apache Struts 2Apache Struts Remote Code Execution Vulnerability
First published (updated )
Apache SolrApache Solr DataImportHandler Code Injection Vulnerability
First published (updated )
Apache Http ServerPath Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773)
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-submarineApache Submarine Commons Utils: default secret
9.8
First published (updated )
maven/org.apache.submarine:submarine-server-coreApache Submarine Server Core: authorization bypass
9.8
First published (updated )
pip/apache-airflow-providers-fabApache Airflow Providers FAB: FAB provider 1.2.1 and 1.2.0 did not let user to logout for Airflow
9.8
First published (updated )
CVE-2024-39864Apache CloudStack: Integration API service uses dynamic port when disabled
9.8
First published (updated )
maven/org.apache.dolphinscheduler:dolphinschedulerRemote Code Execution in Apache Dolphinscheduler
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.tomcat.embed:tomcat-embed-coreApache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT
First published (updated )
IBM Cognos AnalyticsApache Avro Java SDK: Memory when deserializing untrusted data in Avro Java SDK
9.8
First published (updated )
Apache SolrApache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features consid…
9.8
First published (updated )
Pivotal Software Spring Data CommonsVMware Tanzu Spring Data Commons Property Binder Vulnerability
First published (updated )
Python DockerDocker Desktop Community Edition Privilege Escalation Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.struts:struts2-coreApache Struts: File upload component had a directory traversal vulnerability
9.8
First published (updated )
Apache Struts 2Apache Struts Remote Code Execution Vulnerability
First published (updated )
TomcatApache Tomcat Remote Code Execution Vulnerability
First published (updated )
Apache Struts 2Apache Struts Improper Input Validation Vulnerability
First published (updated )
Apache Struts 2Apache Struts 2 Improper Input Validation Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.