Filter
AND
-Infinity
0
Trending
Software
apache http server
184
apache airflow
50
apache superset
38
apache struts 2
34
apache cxf
24
apache openoffice
24
apache activemq
21
apache nifi
19
apache jspwiki
18
apache ofbiz
16
apache solr
15
apache archiva
14
apache tika
14
apache cloudstack
12
apache couchdb
12
apache qpid
12
apache ambari
10
apache traffic server
9
apache wicket
9
apache atlas
8
apache pulsar
8
apache ranger
8
apache commons httpclient
7
apache druid
7
apache hadoop
7
apache hive
7
apache james
7
apache openmeetings
7
apache poi
7
apache roller
7
apache spark
7
apache cordova
6
apache geode
6
apache pdfbox
6
apache sling api
6
apache syncope
6
apache batik
5
apache commons compress
5
apache dolphinscheduler
5
apache guacamole
5
apache kafka
5
apache karaf
5
apache pluto
5
apache portable runtime
5
apache santuario
5
apache zeppelin
5
apache activemq artemis
4
apache allura
4
apache answer
4
apache axis
4
Apache StreamPipesApache StreamPipes: Resources Permission Escalation
First published (updated )
pip/apache-supersetApache Superset: Server arbitrary file read
6.8
First published (updated )
CVE-2024-45461Apache CloudStack Quota plugin: Access checks not enforced in Quota
6.3
First published (updated )
Oracle UtilitiesApache Ant TAR archive denial of service vulnerability
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Banking APIsPossible limited path traversal vulnerabily in Apache Commons IO
5.8
First published (updated )
Oracle UtilitiesApache Ant ZIP, and ZIP based, archive denial of service vulerability
5.5
First published (updated )
maven/org.apache.cassandra:cassandra-allApache Cassandra: CassandraNetworkAuthorizer and CassandraCIDRAuthorizer can be bypassed allowing access to different network regions
5.4
EPSS
0.04%
First published (updated )
maven/org.apache.cassandra:cassandra-allApache Cassandra: unrestricted deserialization of JMX authentication credentials
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SolrApache Solr: Core-creation with "trusted" configset can use arbitrary untrusted files
5.4
EPSS
0.04%
First published (updated )
Apache HiveApache Hive: Timing Attack Against Signature in LLAP util
6.5
First published (updated )
Trellix ePolicy OrchestratorIncorrect Transfer-Encoding handling with HTTP/1.0
5.3
First published (updated )
maven/org.apache.james:apache-mime4j-coreApache James Mime4J: Mime4J DOM header injection
5.3
First published (updated )
Apache Commons IOUncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.inp…
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache KvrocksApache Kvrocks: Cross-Protocol Scripting Vulnerability
6.5
EPSS
0.04%
First published (updated )
Apache AirflowApache Airflow: Bypass permission verification to read code of other dags
6.5
First published (updated )
pip/apache-airflowApache Airflow: DAG Params alllow to embed unchecked Javascript
5.4
First published (updated )
Apache SupersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb
6.5
First published (updated )
Apache StormApache Storm: Local Information Disclosure Vulnerability in Storm-core on Unix-Like systems due temporary files
5.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Apache SupersetApache Superset: Lack of rate limiting allows for possible denial of service
6.5
First published (updated )
pip/apache-supersetApache Superset: Sensitive information disclosure on db connection details
4.3
First published (updated )
Apache SupersetApache Superset: Unnecessary read permissions within the Gamma role
4.3
First published (updated )
Apache AirflowApache Airflow missing fix for CVE-2023-40611 in 2.7.1 (DAG run broken access)
4.3
First published (updated )
pip/apache-airflowApache Airflow: Bypass permission verification to view task instances of other dags
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
maven/org.apache.santuario:xmlsecApache Santuario: Private Key disclosure in debug-log output
6.5
First published (updated )
TomcatApache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests
5.3
First published (updated )
redhat/Apache Commons CompressApache Commons Compress: OutOfMemoryError unpacking broken Pack200 file
5.5
EPSS
0.06%
First published (updated )
Apache Commons CompressApache Commons Compress: Denial of service via CPU consumption for malformed TAR file
5.5
First published (updated )
Apache AirflowApache Airflow Dag Runs Broken Access Control Vulnerability
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.