Filter
AND
Software
apache http server
90
apache tomcat
66
apache traffic server
48
apache struts
23
apache airflow
21
apache nifi
19
apache openoffice
19
apache solr
18
apache hadoop
15
apache inlong
13
apache openmeetings
13
apache cxf
11
apache ofbiz
11
apache camel
9
apache fineract
9
apache geode
9
apache subversion
9
apache activemq
8
apache dolphinscheduler
8
apache spark
8
apache cordova
7
apache guacamole
7
apache superset
7
apache activemq artemis
6
apache batik
6
apache commons compress
6
apache hive
6
apache iotdb
6
apache kylin
6
apache shiro
6
apache tapestry
6
apache tika
6
apache ambari
5
apache cloudstack
5
apache cxf fediz
5
apache pulsar
5
apache ranger
5
apache shenyu
5
apache wicket
5
apache bookkeeper
4
apache cassandra
4
apache couchdb
4
apache hbase
4
apache hertzbeat
4
apache james
4
apache karaf
4
apache linkis
4
apache mesos
4
apache qpid
4
apache qpid broker-j
4
apache spamassassin
4
apache storm
4
apache streampark
4
apache thrift
4
apache xerces-c\+\+
4
apache zookeeper
4
apache apisix
3
apache archiva
3
apache atlas
3
apache avro rust
3
apache commons beanutils
3
apache commons fileupload
3
apache geronimo
3
apache impala
3
apache jspwiki
3
apache kafka
3
apache log4j
3
apache mod fcgid
3
apache mod python
3
apache ozone
3
apache servicecomb
3
apache streampipes
3
apache syncope
3
apache tomee
3
apache uimaj
3
apache xml security for c\+\+
3
apache zeppelin
3
apache apache-airflow-providers-apache-drill
2
apache apache-airflow-providers-apache-hive
2
apache apache-airflow-providers-apache-spark
2
apache arrow
2
apache axis
2
apache beam
2
apache cayenne
2
apache commons email
2
apache commons imaging
2
apache cordova android
2
apache derby
2
apache doris
2
apache drill
2
apache ivy
2
apache jena
2
apache jetspeed
2
apache libapreq2
2
apache myfaces
2
apache olingo
2
apache openoffice.org
2
apache pinot
2
apache poi
2
apache portable runtime
2
apache roller
2
apache sentry
2
apache skywalking
2
apache tomcat jk connector
2
apache tomcat native
2
apache traffic control
2
apache virtual computing lab
2
apache xalan-java
2
apache xerces2 java
2
apache accumulo
1
apache age
1
apache airflow celery provider
1
apache airflow cncf kubernetes
1
apache airflow hdfs provider
1
apache airflow spark provider
1
apache airflow sqoop provider
1
apache allura
1
apache amqp 0-x jms client
1
apache ant
1
apache apache-airflow-providers-amazon
1
apache apache-airflow-providers-docker
1
apache apache-airflow-providers-google
1
apache apache-airflow-providers-jdbc
1
apache apache-airflow-providers-odbc
1
apache apr-util
1
apache avro
1
apache axis2
1
apache brooklyn
1
apache cocoon
1
apache cordova file transfer
1
apache directory ldap api
1
apache directory studio
1
apache druid
1
apache dubbo
1
apache flink
1
apache formatting objects processor
1
apache fortress
1
apache groovy ldap
1
apache hama
1
apache heron
1
apache html\/java api
1
apache httpclient
1
apache ignite
1
apache iotdb workbench
1
apache jackrabbit
1
apache jackrabbit oak
1
apache james server
1
apache java chassis
1
apache jms client amqp
1
apache juddi
1
apache kafka connect
1
apache libcloud
1
apache log4cxx
1
apache lucene
1
apache maven archetype
1
apache mina
1
apache mod jk
1
apache mxnet
1
apache netbeans
1
apache nifi registry
1
apache ode
1
apache openjpa
1
apache orc
1
apache orchestration director engine
1
apache parquet-mr
1
apache pdfbox
1
apache plc4x
1
apache pluto
1
apache qpid proton-j
1
apache qpid-cpp
1
apache ranger hive
1
apache rocketmq
1
apache santuario xml security for java
1
apache seatunnel
1
apache shardingsphere
1
apache shardingsphere-ui
1
apache sling
1
apache sling authentication service
1
apache sling commons messaging mail
1
apache sling jcr base
1
apache sling jcr contentloader
1
apache sling resource merger
1
apache sling servlets resolver
1
apache soap
1
apache standard taglibs
1
apache struts 1
1
apache synapse
1
apache systemds
1
apache thrift node.js
1
apache tiles
1
apache tomcat connectors
1
apache tomcat jk web server connector
1
apache tuscany
1
apache uima-as
1
apache uimaducc
1
apache uimafit
1
apache unomi
1
apache unstructured information management architecture
1
apache vcl
1
apache wink
1
apache wss4j
1
apache xerces-j
1
apache xml graphics batik
1
Apache CloudStackApache CloudStack: Request origin validation bypass makes account takeover possible
8.8
First published (updated )
Apache CloudStackApache CloudStack: Incomplete session invalidation on web interface logout
7.1
First published (updated )
maven/org.apache.activemq:artemis-cliApache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
8.8
First published (updated )
Apache LuceneApache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue
8
First published (updated )
maven/org.apache.maven.plugins:maven-archetype-pluginMaven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.seatunnel:seatunnelApache SeaTunnel Web: Arbitrary file read vulnerability
7.5
First published (updated )
Apache HertzbeatGHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import
8.8
First published (updated )
maven/org.apache.dolphinscheduler:dolphinschedulerApache DolphinScheduler: Resource File Read And Write Vulnerability
8.1
First published (updated )
Apache CloudStackApache CloudStack: User Key Exposure to Domain Admins
7.2
First published (updated )
Apache IoTDB WorkbenchApache IoTDB Workbench: SSRF Vulnerability (EOL)
7.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache Traffic ServerApache Traffic Server: Incomplete field name check allows request smuggling
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server: Invalid Accept-Encoding can force forwarding requests
8.2
First published (updated )
maven/org.apache.pinot:pinot-controllerApache Pinot: Unauthorized endpoint exposed sensitive information
7.5
First published (updated )
maven/org.apache.rocketmq:rocketmq-allApache RocketMQ: Unauthorized Exposure of Sensitive Data
8.8
First published (updated )
Apache CloudStackApache CloudStack: SAML Signature Exclusion
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.cxf:cxf-rt-transports-httpApache CXF: Unrestricted memory consumption in CXF HTTP clients
7.5
First published (updated )
maven/org.apache.cxf:cxf-rt-rs-security-joseApache CXF Denial of Service vulnerability in JOSE
7.5
First published (updated )
Apache StreamParkApache StreamPark: FreeMarker SSTI RCE Vulnerability
8.8
First published (updated )
Apache StreamParkApache StreamPark (incubating): maven build params could trigger remote command execution
8.8
First published (updated )
Apache StreamParkApache StreamPark (incubating): Unchecked maven build params could trigger remote command execution
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.streampipes:streampipes-parentApache StreamPipes: Possibility of SSRF in pipeline element installation process
7.5
First published (updated )
maven/org.apache.streampipes:streampipes-parentApache StreamPipes: Potential remote code execution (RCE) via file upload
8.8
First published (updated )
pip/apache-airflowApache Airflow: DAG Author Code Execution possibility in airflow-scheduler
8.8
First published (updated )
pip/apache-airflowApache Airflow: Potential XSS Vulnerability
8.1
First published (updated )
maven/org.apache.linkis:linkis-datasourceApache Linkis DataSource: DataSource Remote code execution vulnerability
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.linkis:linkis-datasourceApache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability
8.8
First published (updated )
F5 BIG-IPApache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request
7.5
First published (updated )
Apache FineractApache Fineract: Under certain circumstances, this vulnerability allowed users, without specific permissions, to escalate their privileges to any role.
8.8
First published (updated )
pip/apache-airflowApache Airflow: Ignored Airflow Permissions
8.1
EPSS
0.04%
First published (updated )
Fedoraproject FedoraApache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.