Software
Apache AnswerApache Answer: Repeated submissions using scripts resulted in an abnormal number of collections for questions.
Apache CamelApache Camel JIRA: Temporary file information disclosure in Camel-Jira
Apache TikaIncomplete fix and new regex DoS in StandardsExtractingContentHandler
Apache Cordova AndroidWe have resolved a security issue in the camera plugin that could have affected certain Cordova (And…
Apache AmbariThe agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HiveApache Hive before 0.13.1, when in SQL standards based authorization mode, does not properly check t…
Apache SubversionThe daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges via a…
Apache Subversionsvnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile option and running in foregro…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache CloudStackThe virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in fi…
Apache SubversionThe is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 th…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SubversionSvnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to ove…
Apache HadoopThe RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1…
RSA Authentication APIEMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA Web…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache TomcatApache Tomcat 7.x uses world-readable permissions for the log directory and its files, which might a…
Apache Commons FileUploadThe default configuration of javax.servlet.context.tempdir in Apache Commons FileUpload 1.0 through …
Apache CloudStackApache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.…
Apache Tomcatorg/apache/tomcat/util/net/NioEndpoint.java in Apache Tomcat 6.x before 6.0.36 and 7.x before 7.0.28…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache HTTP serverInput Validation, Null Pointer Dereference, Buffer Overflow, Integer Overflow
Apache JServThe default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes a…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SubversionCVE-2010-4644
Apache DerbyApache Derby could allow a remote attacker to obtain sensitive information, caused by the reduction …
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
PHP PHPPHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior …
Apache GeronimoThe init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache TomcatThe default SSL cipher configuration in Apache Tomcat 4.1.28 through 4.1.31, 5.0.0 through 5.0.30, a…
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.