Vendor CVEs
Apache
All CVEs
2,552 total · sorted by risk

| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2005-2728 | | | 0.01 | — | 0.11 | | Aug 30, 2005 | The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service (memory consumption) via an HTTP header with a large Range field. |
| CVE-2005-1268 | | | 0.01 | — | 0.08 | | Aug 5, 2005 | Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. |
| CVE-2005-1266 | | | 0.01 | — | 0.08 | | Jun 15, 2005 | Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service (CPU consumption and slowdown) via a message with a long Content-Type header without any boundaries. |
| CVE-2005-0088 | | | 0.01 | — | 0.06 | | May 2, 2005 | The publisher handler for mod_python 2.7.8 and earlier allows remote attackers to obtain access to restricted objects via a crafted URL. |
| CVE-2004-0811 | | | 0.01 | — | 0.07 | | Dec 31, 2004 | Unknown vulnerability in Apache 2.0.51 prevents "the merging of the Satisfy directive," which could allow attackers to obtain access to restricted resources contrary to the specified authentication configuration. |
| CVE-2004-0885 | | | 0.01 | — | 0.14 | | Nov 3, 2004 | The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. |
| CVE-2004-0809 | | | 0.01 | — | 0.15 | | Sep 16, 2004 | The mod_dav module in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (child process crash) via a certain sequence of LOCK requests for a location that allows WebDAV authoring access. |
| CVE-2003-0993 | | | 0.01 | — | 0.10 | | Mar 29, 2004 | mod_access in Apache 1.3 before 1.3.30, when running on big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. |
| CVE-2004-0113 | | | 0.01 | — | 0.10 | | Mar 29, 2004 | Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server. |
| CVE-2004-1082 | | | 0.01 | — | 0.08 | | Feb 3, 2004 | mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. |
| CVE-2003-0542 | | | 0.01 | — | 0.13 | | Nov 3, 2003 | Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. |
| CVE-2003-0460 | | | 0.01 | — | 0.13 | | Aug 27, 2003 | The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. |
| CVE-2003-0254 | | | 0.01 | — | 0.09 | | Aug 18, 2003 | Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. |
| CVE-2003-0253 | | | 0.01 | — | 0.09 | | Aug 18, 2003 | The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. |
| CVE-2003-0189 | | | 0.01 | — | 0.15 | | Jun 9, 2003 | The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when… |
| CVE-2003-0083 | | | 0.01 | — | 0.17 | | Apr 2, 2003 | Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a… |
| CVE-2003-0020 | | | 0.01 | — | 0.11 | | Mar 18, 2003 | Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. |
| CVE-2003-0044 | | | 0.01 | — | 0.09 | | Feb 7, 2003 | Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. |
| CVE-2003-0016 | | | 0.01 | — | 0.16 | | Feb 7, 2003 | Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. |
| CVE-2002-2009 | | | 0.01 | — | 0.07 | | Dec 31, 2002 | Apache Tomcat 4.0.1 allows remote attackers to obtain the web root path via HTTP requests for JSP files preceded by (1) +/, (2) >/, (3) </, and (4) %20/, which leaks the pathname in an error message. |
| CVE-2002-2008 | | | 0.01 | — | 0.07 | | Dec 31, 2002 | Apache Tomcat 4.0.3 for Windows allows remote attackers to obtain the web root path via an HTTP request for a resource that does not exist, such as lpt9, which leaks the information in an error message. |
| CVE-2002-1157 | | | 0.01 | — | 0.10 | | Nov 4, 2002 | Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS response on the SSL port, which is… |
| CVE-2002-1156 | | | 0.01 | — | 0.13 | | Oct 11, 2002 | Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to a directory with both WebDAV and CGI enabled. |
| CVE-2002-0935 | | | 0.01 | — | 0.08 | | Oct 4, 2002 | Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang. |
| CVE-2002-1593 | | | 0.01 | — | 0.07 | | Sep 25, 2002 | mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote attackers to kill a child process via a null dereference and cause a denial of service (CPU consumption) in a preforked multi-processing module. |
| CVE-2002-0249 | | | 0.01 | — | 0.08 | | May 29, 2002 | PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message. |
| CVE-2002-0240 | | | 0.01 | — | 0.08 | | May 29, 2002 | PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. |
| CVE-2002-1592 | | | 0.01 | — | 0.12 | | May 6, 2002 | The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information. |
| CVE-2001-0829 | | | 0.01 | — | 0.14 | | Dec 6, 2001 | A cross-site scripting vulnerability in Apache Tomcat 3.2.1 allows a malicious webmaster to embed Javascript in a request for a .JSP file, which causes the Javascript to be inserted into an error message. |
| CVE-2001-1449 | | | 0.01 | — | 0.08 | | Nov 28, 2001 | The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. |
| CVE-2001-0917 | | | 0.01 | — | 0.08 | | Nov 22, 2001 | Jakarta Tomcat 4.0.1 allows remote attackers to reveal physical path information by requesting a long URL with a .JSP extension. |
| CVE-2001-0729 | | | 0.01 | — | 0.07 | | Oct 30, 2001 | Apache 1.3.20 on Windows servers allows remote attackers to bypass the default index page and list directory contents via a URL with a large number of / (slash) characters. |
| CVE-2001-0730 | | | 0.01 | — | 0.12 | | Oct 30, 2001 | split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header. |
| CVE-2001-1342 | | | 0.01 | — | 0.12 | | May 12, 2001 | Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer. |
| CVE-2000-1204 | | | 0.01 | — | 0.11 | | Oct 13, 2000 | Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root. |
| CVE-2000-0672 | | | 0.01 | — | 0.10 | | Jul 20, 2000 | The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which allows remote attackers to read arbitrary files by directly calling the administrative servlets to add a context for the root directory. |
| CVE-1999-1237 | | | 0.01 | — | 0.08 | | Jun 6, 1999 | Multiple buffer overflows in the smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allow remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods. |
| CVE-2026-52760 | | | 0.00 | — | — | | Jul 2, 2026 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web Console. The browse page in the web console renders a message Id directly without sanitization. This allows an authenticated producer to… |
| CVE-2026-49877 | | | 0.00 | — | — | | Jul 2, 2026 | Improper Authorization vulnerability in Apache ActiveMQ. An authenticated low-privilege Web Console user by default can access /admin/* paths in the Web Console. The default Jetty settings incorrectly did not limit those paths to only admins. This issue affects Apache ActiveMQ:… |
| CVE-2026-55957 | | | 0.00 | — | 0.00 | | Jun 30, 2026 | Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without providing the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4,… |
| CVE-2026-55956 | | | 0.00 | — | 0.00 | | Jun 30, 2026 | Improper Authorization vulnerability in Apache Tomcat leads to security constraints specified for the default servlet ignoring any method or method omission configured as part of the constraint. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.22, from 10.1.0-M1… |
| CVE-2026-56130 | | | 0.00 | — | 0.00 | | Jun 28, 2026 | "Remember me" cookie age is not verified on the server. This potentially allows an attacker to intercept a valid cookie and reuse it indefinitely, even after the configured expiration time has passed. This issue affects all Apache Shiro versions from 1.2.4 through 2.x, and… |
| CVE-2026-56091 | | | 0.00 | — | 0.00 | | Jun 28, 2026 | When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HTTP request may cause an authentication bypass. This vulnerability is similar to https://www.cve.org/CVERecord?id=CVE-2020-1957, except that it… |
| CVE-2025-62198 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier. Users are recommended to upgrade to version 2.5.0, which fixes the issue. |
| CVE-2026-44914 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that include extension components with specific Required Permissions based on the Restricted annotation. The Restricted annotation indicates additional privileges required, but framework… |
| CVE-2026-44911 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | Authorization handling for component configuration verification requests in Apache NiFi 1.15.0 through 2.9.0 allows clients with read access to submit proposed configuration properties. The proposed properties override current configuration, enabling users with read access to… |
| CVE-2026-44913 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache NiFi 1.2.0 through 2.9.0 allows for injecting SQL commands using crafted naming. Manual quoted boundaries added in Apache NiFi 1.8.0 narrowed the scope of potential injection… |
| CVE-2026-54665 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | Apache NiFi 0.0.1 through 2.9.0 support building qualified URLs from one of several HTTP request headers that provide an alternative to the standard Host header without validating the values provided. Apache NiFi 1.6.0 introduced a configurable application property to restrict… |
| CVE-2025-66336 | | | 0.00 | — | 0.00 | | Jun 22, 2026 | Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-controlled database name is directly interpolated into a SQL query, and the query is executed without passing the caller's authorization context. This may allow an authenticated… |
| CVE-2026-49872 | | | 0.00 | — | 0.00 | | Jun 19, 2026 | Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route, an attacker can possibly authenticate itself with credentials from a different source. This issue affects Apache APISIX: from 3.0.0 through 3.16.0. Users are recommended to… |
Page 25 of 52