VYPR

Vendor CVEs

Apache

All CVEs

2,550 total · sorted by risk
  • CVE-2015-1776 · Medium · Apr 19, 2016
    risk 0.40 · cvss 6.2 · epss 0.00

    Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the…

  • CVE-2015-7520 · Medium · Apr 12, 2016
    risk 0.40 · cvss 6.1 · epss 0.05

    Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value"…

  • CVE-2015-5347 · Medium · Apr 12, 2016
    risk 0.40 · cvss 6.1 · epss 0.08

    Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web…

  • CVE-2015-3268 · Medium · Apr 12, 2016
    risk 0.40 · cvss 6.1 · epss 0.09

    Cross-site scripting (XSS) vulnerability in the DisplayEntityField.getDescription method in ModelFormField.java in Apache OFBiz before 12.04.06 and 13.07.x before 13.07.03 allows remote attackers to inject arbitrary web script or HTML via the description attribute of a…

  • CVE-2015-0265 · Medium · Apr 11, 2016
    risk 0.40 · cvss 6.1 · epss 0.05

    Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header.

  • CVE-2016-2163 · Medium · Apr 11, 2016
    risk 0.40 · cvss 6.1 · epss 0.08

    Cross-site scripting (XSS) vulnerability in Apache OpenMeetings before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the event description when creating an event.

  • CVE-2016-0712 · Medium · Apr 11, 2016
    risk 0.40 · cvss 6.1 · epss 0.03

    Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal.

  • CVE-2016-0711 · Medium · Apr 11, 2016
    risk 0.40 · cvss 6.1 · epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the title parameter when adding a (1) link, (2) page, or (3) folder resource.

  • CVE-2015-8797 · Medium · Feb 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.03

    Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.

  • CVE-2015-8795 · Medium · Feb 15, 2016
    risk 0.40 · cvss 6.1 · epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to…

  • CVE-2026-48827 · High · Jun 1, 2026
    risk 0.39 · cvss 7.1 · epss 0.01

    Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. …

  • CVE-2026-34476 · High · Apr 13, 2026
    risk 0.39 · cvss 7.1 · epss 0.00

    Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue affects Apache SkyWalking MCP: 0.1.0. Users are recommended to upgrade to version 0.2.0, which fixes this issue.

  • CVE-2023-48795 · Medium · Dec 18, 2023
    risk 0.39 · cvss 5.9 · epss 0.93

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently…

  • CVE-2018-11762 · Medium · Sep 19, 2018
    risk 0.39 · cvss 5.9 · epss 0.05

    In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file.

  • CVE-2018-1302 · Medium · Mar 26, 2018
    risk 0.39 · cvss 5.9 · epss 0.13

    When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual…

  • CVE-2018-1298 · Medium · Feb 9, 2018
    risk 0.39 · cvss 5.9 · epss 0.02

    A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when the PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows an unauthenticated attacker to crash the…

  • CVE-2017-15698 · Medium · Jan 31, 2018
    risk 0.39 · cvss 5.9 · epss 0.04

    When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle fields longer than 127 bytes. The result of the parsing error was to skip the OCSP check. It was therefore possible for…

  • CVE-2017-12613 · High · Oct 24, 2017
    risk 0.39 · cvss 7.1 · epss 0.02

    When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a…

  • CVE-2017-7672 · Medium · Jul 13, 2017
    risk 0.39 · cvss 5.9 · epss 0.09

    If an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload the server process when performing validation of the URL. The solution is to upgrade to Apache Struts version 2.5.12.

  • CVE-2017-7677 · Medium · Jun 14, 2017
    risk 0.39 · cvss 5.9 · epss 0.03

    In environments that use external location for hive tables, Hive Authorizer in Apache Ranger before 0.7.1 should be checking RWX permission for create table.

  • CVE-2016-6805 · Medium · Apr 7, 2017
    risk 0.39 · cvss 5.9 · epss 0.02

    Apache Ignite before 1.9 allows man-in-the-middle attackers to read arbitrary files via XXE in modified update-notifier documents.

  • CVE-2026-49270 · Medium · Jun 1, 2026
    risk 0.38 · cvss 5.9 · epss 0.00

    Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurableSubs set to true are vulnerable to an unauthenticated attacker who can receive…

  • CVE-2016-4467 · Medium · May 2, 2017
    risk 0.38 · cvss 5.9 · epss 0.02

    The C client and C-based client bindings in the Apache Qpid Proton library before 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the…

  • CVE-2021-45105 · Medium · Dec 18, 2021
    risk 0.37 · cvss 5.9 · epss 1.00

    Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is…

  • CVE-2018-8006 · Medium · Oct 10, 2018
    risk 0.37 · cvss 6.1 · epss 0.56

    An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter.

  • CVE-2017-5646 · Medium · May 26, 2017
    risk 0.37 · cvss 6.8 · epss 0.01

    For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While this activity is audit…

  • CVE-2026-27315 · Medium · Apr 7, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    Sensitive Information Leak in cqlsh in Apache Cassandra 4.0 allows access to sensitive information, like passwords, from previously executed cqlsh commands via local file access to ~/.cassandra/cqlsh_history. Users are recommended to upgrade to version 4.0.20, which fixes this…

  • CVE-2020-10727 · Medium · Jun 26, 2020
    risk 0.36 · cvss 5.5 · epss 0.01

    A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. A local attacker can use…

  • CVE-2018-11771 · Medium · Aug 16, 2018
    risk 0.36 · cvss 5.5 · epss 0.05

    When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined with a java.io.InputStreamReader this can lead…

  • CVE-2018-1338 · Medium · Apr 25, 2018
    risk 0.36 · cvss 5.5 · epss 0.02

    A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

  • CVE-2017-3157 · Medium · Nov 20, 2017
    risk 0.36 · cvss 5.5 · epss 0.03

    By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information,…

  • CVE-2014-0219 · Medium · Nov 15, 2017
    risk 0.36 · cvss 5.5 · epss 0.01

    Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by sending a shutdown command to all listening high ports.

  • CVE-2016-5001 · Medium · Aug 30, 2017
    risk 0.36 · cvss 5.5 · epss 0.01

    This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing…

  • CVE-2016-4976 · Medium · Mar 29, 2017
    risk 0.36 · cvss 5.5 · epss 0.01

    Apache Ambari 2.x before 2.4.0 includes KDC administrator passwords on the kadmin command line, which allows local users to obtain sensitive information via a process listing.

  • CVE-2017-5644 · Medium · Mar 24, 2017
    risk 0.36 · cvss 5.5 · epss 0.05

    Apache POI in versions prior to release 3.15 allows remote attackers to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.

  • CVE-2016-5000 · Medium · Aug 5, 2016
    risk 0.36 · cvss 5.5 · epss 0.04

    The XLSX2CSV example in Apache POI before 3.14 allows remote attackers to read arbitrary files via a crafted OpenXML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

  • CVE-2016-2166 · Medium · Apr 12, 2016
    risk 0.36 · cvss 6.5 · epss 0.04

    The (1) proton.reactor.Connector, (2) proton.reactor.Container, and (3) proton.utils.BlockingConnection classes in Apache Qpid Proton before 0.12.1 improperly use an unencrypted connection for an amqps URI scheme when SSL support is unavailable, which might allow…

  • CVE-2012-0037 · Medium · Jun 17, 2012
    risk 0.36 · cvss 6.5 · epss 0.14

    Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and…

  • CVE-2026-50229 · Moderate · Jun 29, 2026
    risk 0.35 · cvss 5.4 · epss 0.00

    tomcat: Apache Tomcat: Cross-Site Scripting vulnerability in number guess example

  • CVE-2026-49818 · Medium · Jun 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    The Apache Airflow Samba provider's `GCSToSambaOperator` joined GCS object names to the SMB destination path without a containment check, so an object named with `../` segments resolved a write path outside the configured `destination_path`. An attacker able to write objects…

  • CVE-2026-34905 · Medium · Jun 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The unlisted question feature did not enforce access restrictions on direct API endpoints, allowing authenticated users to discover and…

  • CVE-2026-34031 · Medium · Jun 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. The server did not sufficiently validate user-supplied image URLs, allowing arbitrary external content to be embedded as profile images, which could…

  • CVE-2026-33582 · Medium · Jun 9, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation during image decoding, allowing an authenticated user to cause the server process to…

  • CVE-2026-43951 · Medium · Jun 8, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    Out-of-bounds Read vulnerability in Apache HTTP Server with mod_headers and mod_mime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67.

  • CVE-2026-48726 · Medium · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for `FabAuthManager` and `KeycloakAuthManager` did not actually reach the underlying `revoke_token()` call, so the JWT remained…

  • CVE-2026-42360 · Medium · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys inside a JSON template structure) to be bypassed when the rendered field exceeded `[core] max_templated_field_length`:…

  • CVE-2026-42358 · Medium · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered by secret-suffixed key names like `password`, `token`, `secret`, `api_key`) to be bypassed when the JSON value's nesting depth exceeded the shared secrets masker's recursion limit: the…

  • CVE-2026-40861 · Medium · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.01

    A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg`) or (b) supply a `task_id` containing `..` sequences accepted by the Task…

  • CVE-2026-45192 · Medium · Jun 1, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connection's `extra` JSON blob under field names not present in the redaction allowlist…

  • CVE-2026-40564 · Medium · May 26, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated to ensure that it points to user-owned files or addresses. This lets a user with CR…

Page 12 of 51