Filter
AND
Software
apache http server
91
apache tomcat
73
apache traffic server
48
apache struts
23
apache airflow
20
apache openoffice
20
apache nifi
19
apache solr
18
apache hadoop
15
apache inlong
13
apache openmeetings
13
apache cxf
12
apache ofbiz
12
apache activemq
9
apache camel
9
apache dolphinscheduler
8
apache fineract
8
apache geode
8
apache spark
8
apache superset
8
apache ambari
7
apache batik
7
apache guacamole
7
apache pulsar
7
apache activemq artemis
6
apache cassandra
6
apache commons compress
6
apache hive
6
apache iotdb
6
apache kylin
6
apache shiro
6
apache tapestry
6
apache tika
6
apache cordova
5
apache cxf fediz
5
apache james
5
apache log4j
5
apache ranger
5
apache shenyu
5
apache wicket
5
apache xerces-c++
5
apache atlas
4
apache bookkeeper
4
apache cloudstack
4
apache couchdb
4
apache hbase
4
apache hertzbeat
4
apache karaf
4
apache linkis
4
apache mesos
4
apache qpid
4
apache qpid broker-j
4
apache spamassassin
4
apache storm
4
apache thrift
4
apache zookeeper
4
apache apisix
3
apache archiva
3
apache avro rust
3
apache commons beanutils
3
apache commons fileupload
3
apache geronimo
3
apache impala
3
apache jspwiki
3
apache kafka
3
apache mod fcgid
3
apache mod python
3
apache ozone
3
apache servicecomb
3
apache streampipes
3
apache syncope
3
apache tomee
3
apache uimaj
3
apache xml security for c++
3
apache zeppelin
3
apache apache-airflow-providers-apache-drill
2
apache apache-airflow-providers-apache-hive
2
apache apache-airflow-providers-apache-spark
2
apache arrow r package
2
apache axis
2
apache beam
2
apache cayenne
2
apache cocoon
2
apache commons email
2
apache commons imaging
2
apache cordova android
2
apache cordova ios
2
apache derby
2
apache doris
2
apache drill
2
apache ivy
2
apache james server
2
apache jena
2
apache jetspeed
2
apache libapreq2
2
apache mina
2
apache mod_jk
2
apache myfaces
2
apache olingo
2
apache openoffice.org
2
apache pinot
2
apache poi
2
apache portable runtime
2
apache roller
2
apache sentry
2
apache skywalking
2
apache tomcat native
2
apache traffic control
2
apache virtual computing lab
2
apache xalan-java
2
apache xerces
2
apache accumulo
1
apache age
1
apache airflow celery provider
1
apache airflow cncf kubernetes
1
apache airflow hdfs provider
1
apache airflow spark provider
1
apache airflow sqoop provider
1
apache allura
1
apache amqp 0-x jms client
1
apache ant
1
apache apache-airflow-providers-amazon
1
apache apache-airflow-providers-docker
1
apache apache-airflow-providers-google
1
apache apache-airflow-providers-jdbc
1
apache apache-airflow-providers-odbc
1
apache apr
1
apache avro
1
apache axis2
1
apache brooklyn
1
apache cordova file transfer iphone os
1
apache directory ldap api
1
apache directory studio
1
apache druid
1
apache dubbo
1
apache flink
1
apache formatting objects processor
1
apache fortress
1
apache groovy ldap
1
apache hama
1
apache heron
1
apache html\/java api
1
apache ignite
1
apache iotdb workbench
1
apache jackrabbit
1
apache jackrabbit oak
1
apache java chassis
1
apache jms client amqp
1
apache juddi
1
apache kafka connect
1
apache libcloud
1
apache log4cxx
1
apache lucene
1
apache lucene.net
1
apache maven archetype
1
apache mod digest
1
apache mod_perl
1
apache mxnet
1
apache netbeans
1
apache nifi registry
1
apache ode
1
apache openjpa
1
apache orc
1
apache orchestration director engine
1
apache parquet-mr
1
apache pdfbox
1
apache plc4x
1
apache pluto
1
apache qpid proton-j
1
apache qpid-cpp
1
apache ranger hive
1
apache rocketmq
1
apache santuario
1
apache seatunnel
1
apache shardingsphere
1
apache shardingsphere elasticjob-ui
1
apache shardingsphere-ui
1
apache sling
1
apache sling authentication service
1
apache sling commons messaging mail
1
apache sling jcr base
1
apache sling jcr contentloader
1
apache sling resource merger
1
apache sling servlets resolver
1
apache soap
1
apache standard taglibs
1
apache streampark
1
apache struts 1
1
apache synapse
1
apache systemds
1
apache thrift node.js
1
apache tiles
1
apache tomcat connectors
1
apache tuscany
1
apache uima-as
1
apache uimaducc
1
apache uimafit
1
apache unomi
1
apache unstructured information management architecture
1
apache vcl
1
apache wink
1
apache wss4j
1
apache xerces-j
1
apache xmlgraphics commons
1
Apache CassandraCassandra-Lucene-Index allows bypass of Cassandra RBAC
8.8
EPSS
0.04%
First published (updated )
Apache AtlasApache Atlas: An authenticated user can perform XSS and potentially impersonate another user
7.1
First published (updated )
Apache ShardingSphere ElasticJob-UIApache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC
8.5
First published (updated )
Apache JamesApache James: denial of service through JMAP HTML to text conversion
7.5
First published (updated )
maven/org.apache.james.protocols:protocols-imapApache James: denial of service through the use of IMAP literals
8.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.cassandra:cassandra-allApache Cassandra: User with MODIFY permission on ALL KEYSPACES can escalate privileges to superuser via unsafe actions
First published (updated )
Apache CocoonApache Cocoon: continuations may not be private
7.5
EPSS
0.04%
First published (updated )
Apache AmbariApache Ambari: Code Injection Vulnerability in Ambari Alert Definition
8.8
EPSS
0.04%
First published (updated )
Apache AmbariApache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie
7.5
EPSS
0.04%
First published (updated )
Apache CXFApache CXF: Denial of Service vulnerability with temporary files
7.5
EPSS
0.09%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache MINAThe ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process…
7
First published (updated )
pip/apache-supersetApache Superset: SQLLab Improper readonly query validation allows unauthorized write access
7.1
First published (updated )
pip/apache-supersetApache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled
7.6
First published (updated )
Apache OFBizApache OFBiz: Bypass SameSite restrictions with target redirection using URL parameters (SSTI and CSRF leading to RCE)
8.9
First published (updated )
Apache Lucene.NetApache Lucene.Net.Replicator: Remote Code Execution in Lucene.Net.Replicator
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CloudStackApache CloudStack: Request origin validation bypass makes account takeover possible
8.8
First published (updated )
Apache CloudStackApache CloudStack: Incomplete session invalidation on web interface logout
7.1
First published (updated )
maven/org.apache.activemq:artemis-cliApache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans
8.8
First published (updated )
CollabNet SubversionApache Subversion: Command line argument injection on Windows platforms
8.2
First published (updated )
Apache LuceneApache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.maven.plugins:maven-archetype-pluginMaven Archetype Plugin: Maven Archetype integration-test may package local settings into the published artifact, possibly containing credentials
7.5
First published (updated )
maven/org.apache.seatunnel:seatunnelApache SeaTunnel Web: Arbitrary file read vulnerability
7.5
First published (updated )
Apache HertzBeatGHSL-2023-255: HertzBeat Authenticated (user role) RCE via unsafe deserialization in /api/monitors/import
8.8
First published (updated )
maven/org.apache.dolphinscheduler:dolphinschedulerApache DolphinScheduler: Resource File Read And Write Vulnerability
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CloudStackApache CloudStack: User Key Exposure to Domain Admins
7.2
First published (updated )
Apache IoTDB Web WorkbenchApache IoTDB Workbench: SSRF Vulnerability (EOL)
7.3
First published (updated )
Apache Traffic ServerApache Traffic Server: Incomplete field name check allows request smuggling
7.5
First published (updated )
Apache Traffic ServerApache Traffic Server: Invalid Accept-Encoding can force forwarding requests
8.2
First published (updated )
maven/org.apache.pinot:pinot-controllerApache Pinot: Unauthorized endpoint exposed sensitive information
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.