Filter
AND
Software
apache http server
169
apache tomcat
124
apache airflow
50
apache superset
39
apache struts
34
apache subversion
28
apache cxf
22
apache activemq
20
apache jspwiki
18
apache nifi
17
apache ofbiz
16
apache openoffice
16
apache tika
14
apache archiva
13
apache solr
13
apache qpid
12
apache cloudstack
11
apache couchdb
10
apache ambari
9
apache traffic server
9
apache atlas
8
apache pulsar
8
apache ranger
8
apache wicket
8
apache druid
7
apache hadoop
7
apache openmeetings
7
apache poi
7
apache roller
7
apache spark
7
apache commons httpclient
6
apache cordova android
6
apache geode
6
apache james
6
apache pdfbox
6
apache syncope
6
apache commons compress
5
apache dolphinscheduler
5
apache guacamole
5
apache hive
5
apache karaf
5
apache pluto
5
apache santuario
5
apache spamassassin
5
apache activemq artemis
4
apache allura
4
apache answer
4
apache apr
4
apache axis
4
apache axis2
4
apache batik
4
apache camel
4
apache geronimo
4
apache inlong
4
apache juddi
4
apache kafka
4
apache ozone
4
apache sling
4
apache sling cms
4
apache zeppelin
4
apache ant
3
apache derby
3
apache drill
3
apache linkis
3
apache log4j
3
apache mesos
3
apache mod python
3
apache myfaces
3
apache oozie
3
apache portable runtime
3
apache sshd
3
apache storm
3
apache streampark
3
apache tomee
3
apache wss4j
3
apache xerces-c\+\+
3
apache xml security for c++
3
apache bookkeeper
2
apache cassandra
2
apache commons jxpath
2
apache deltaspike
2
apache dubbo
2
apache fineract
2
apache ignite
2
apache impala
2
apache isis
2
apache jackrabbit
2
apache jetspeed
2
apache knox
2
apache kylin
2
apache mina
2
apache mina sshd
2
apache openoffice.org
2
apache org.apache.sling.servlets.post
2
apache pony mail
2
apache portable runtime utility
2
apache qpid broker-j
2
apache qpid proton
2
apache shiro
2
apache sling api
2
apache sling servlets post
2
apache traffic control
2
apache xerces
2
apache airavata django portal
1
apache airflow cncf kubernetes
1
apache any23
1
apache apache axis2\/c
1
apache apache webserver
1
apache apache-airflow-providers-apache-spark
1
apache apache-airflow-providers-imap
1
apache apache-airflow-providers-microsoft-mssql
1
apache apache-airflow-providers-odbc
1
apache apache-airflow-providers-smtp
1
apache apisix
1
apache apisix dashboard
1
apache asterixdb
1
apache brooklyn
1
apache brpc
1
apache calcite
1
apache cocoon
1
apache commons daemon
1
apache commons io
1
apache commons net
1
apache continuum
1
apache cordova
1
apache cordova file transfer
1
apache felix health check webconsole plugin
1
apache felix health checks
1
apache flex
1
apache flink
1
apache flink stateful functions
1
apache gobblin
1
apache groovy
1
apache harmony
1
apache hbase
1
apache helix
1
apache http server2.0a6
1
apache http server2.0a7
1
apache httpasyncclient
1
apache hupa
1
apache jena
1
apache jena fuseki
1
apache johnzon
1
apache kudu
1
apache libapreq2
1
apache libcloud
1
apache livy
1
apache log4net
1
apache manifoldcf
1
apache maven
1
apache maven wagon
1
apache mod auth radius
1
apache mod fcgid
1
apache mod imap
1
apache mod perl
1
apache mxnet
1
apache myfaces tomahawk
1
apache nifi minifi c\+\+
1
apache nifi registry
1
apache olingo
1
apache opentaps
1
apache qpid dispatch
1
apache qpid-cpp
1
apache rampart\/c
1
apache rave
1
apache rocketmq
1
apache shardingsphere elasticjob-ui
1
apache shenyu
1
apache shindig
1
apache sling auth core component
1
apache sling commons log
1
apache sling i18n
1
apache sling xss protection api
1
apache sling xss protection api compat
1
apache sshj
1
apache streampipes
1
apache tapestry
1
apache teaclave sgx sdk
1
apache thrift
1
apache tiles
1
apache tomcat connectors
1
apache tomcat jk web server connector
1
apache tomcat native
1
apache uimaducc
1
apache velocity tools
1
apache ws-xmlrpc
1
apache xml graphics batik
1
apache zookeeper
1
Apache NiFiApache NiFi: Improper Neutralization of Input in Parameter Description
4.6
First published (updated )
Apache CloudStackApache CloudStack Quota plugin: Access checks not enforced in Quota
6.3
First published (updated )
maven/org.apache.druid:druidApache Druid: Users can provide MySQL JDBC properties not on allow list
6.5
First published (updated )
maven/org.apache.druid.extensions:druid-pac4jApache Druid: Padding oracle in druid-pac4j extension that allows an attacker to manipulate a pac4j session cookie via Padding Oracle Attack
5.3
First published (updated )
Apache Portable RuntimeApache Portable Runtime (APR): Unexpected lax shared memory permissions
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-airflowApache Airflow: Stored XSS Vulnerability on provider link
6.1
First published (updated )
maven/org.apache.sshd:sshd-commonApache MINA SSHD: integrity check bypass
5.9
First published (updated )
go/github.com/apache/incubator-answerApache Answer: The link for resetting user password is not Single-Use
5.3
First published (updated )
go/github.com/apache/incubator-answerApache Answer: The link to reset the user's password will remain valid after sending a new link
5.3
First published (updated )
Apache CloudStackApache CloudStack: Unauthorised Network List Access
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.linkis:linkisApache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability
4.9
First published (updated )
Apache RollerApache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode
5.4
First published (updated )
Apache StreamParkApache StreamPark IDOR Vulnerability
6.5
First published (updated )
Apache SyncopeApache Syncope: HTML tags can be injected into Console or Enduser text fields
6.5
First published (updated )
Apache HTTP ServerApache HTTP Server: source code disclosure with handlers configured via AddType
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache StreamPipesApache StreamPipes: Potential creation of multiple identical accounts
5.3
First published (updated )
maven/org.apache.linkis:linkis-datasourceApache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading
6.5
First published (updated )
Apache NiFiApache NiFi: Improper Neutralization of Input in Parameter Context Description
5.4
First published (updated )
maven/org.apache.jspwiki:jspwiki-mainApache JSPWiki: Cross-site scripting vulnerability on upload page
6.3
First published (updated )
Apache AlluraApache Allura: Stored authenticated XSS
4.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-airflowApache Airflow: Cache Control - Storage of Sensitive Data in Browser Cache
5.5
First published (updated )
Apache AirflowApache Airflow: XSS vulnerability in Task Instance Log/Log Details
5.4
First published (updated )
maven/org.apache.pulsar:pulsar-brokerApache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints
6.4
EPSS
0.04%
First published (updated )
maven/org.apache.pulsar:pulsar-brokerApache Pulsar: Improper Authorization For Topic-Level Policy Management
6.4
EPSS
0.04%
First published (updated )
Apache OFBizApache OFBiz: Path traversal or file inclusion
5.3
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/apache-supersetApache Superset: Improper authorization validation on dashboards and charts import
5.4
EPSS
0.04%
First published (updated )
pip/apache-supersetApache Superset: Improper data authorization when creating a new dataset
6.5
EPSS
0.04%
First published (updated )
pip/apache-supersetApache Superset: Improper Neutralisation of custom SQL on embedded context
4.3
EPSS
0.04%
First published (updated )
pip/apache-supersetApache Superset: Improper validation of SQL statements allows for unauthorized access to data
6.5
EPSS
0.04%
First published (updated )
pip/apache-supersetApache Superset: Improper error handling on alerts
4.3
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.