VYPR

Vendor CVEs

Apache

All CVEs

2,550 total · sorted by risk
  • CVE-2026-50633HigJun 12, 2026
    risk 0.53cvss 8.1epss 0.01

    A JNDI Injection vulnerability has been discovered in Apache CXF's JCA integration module, which can allow for code execution, if an attacker is able to manipulate the JCA deployment descriptor (ra.xml) or runtime activation parameters. Users are recommended to upgrade to…

  • CVE-2026-50632HigJun 12, 2026
    risk 0.53cvss 8.1epss 0.00

    A further incomplete fix for a previous advisory CVE-2026-44417 (Untrusted JMS configuration can lead to RCE) for Apache CXF has been identified, which can allow code execution capabilities, if untrusted users are allowed to configure JMS for Apache CXF. Users are recommended…

  • CVE-2026-44825HigJun 1, 2026
    risk 0.53cvss 8.1epss 0.01

    Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently…

  • CVE-2026-42588HigJun 1, 2026
    risk 0.53cvss 8.1epss 0.01

    Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default…

  • CVE-2025-66172HigMay 8, 2026
    risk 0.53cvss 8.1epss 0.01

    The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is enabled and have access to specific APIs can restore a volume from any other…

  • CVE-2025-22509HigJan 8, 2026
    risk 0.53cvss 8.1epss 0.01

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in TMRW-studio Atlas atlas allows PHP Local File Inclusion.This issue affects Atlas: from n/a through <= 2.1.0.

  • CVE-2024-45416HigSep 16, 2024
    risk 0.53cvss 8.1epss 0.01

    The HTTPD binary in multiple ZTE routers has a local file inclusion vulnerability in session_init function. The session -LUA- files are stored in the directory /var/lua_session, the function iterates on all files in this directory and executes them using the function dofile…

  • CVE-2018-8042HigJul 18, 2018
    risk 0.53cvss 8.1epss 0.02

    Apache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie.

  • CVE-2018-8011HigJul 18, 2018
    risk 0.53cvss 7.5epss 0.52

    By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).

  • CVE-2018-1292HigApr 20, 2018
    risk 0.53cvss 8.1epss 0.02

    Within the 'getReportType' method in Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, a hacker could inject SQL to read/update data for which he doesn't have authorization for by way of the 'reportName' parameter.

  • CVE-2018-1291HigApr 20, 2018
    risk 0.53cvss 8.1epss 0.02

    Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' which are appended directly with SQL statements. A hacker/user can inject/draft the 'orderBy' query…

  • CVE-2017-3158HigJan 18, 2018
    risk 0.53cvss 8.1epss 0.01

    A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap. Such overlapping writes could cause packet data to be misread as the packet length, resulting in the remaining data being…

  • CVE-2016-5018CriAug 10, 2017
    risk 0.53cvss 9.1epss 0.10

    In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications.

  • CVE-2017-7659HigJul 26, 2017
    risk 0.53cvss 7.5epss 0.54

    A maliciously constructed HTTP/2 request could cause mod_http2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process.

  • CVE-2017-7682HigJul 17, 2017
    risk 0.53cvss 8.2epss 0.02

    Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas.

  • CVE-2017-7668HigJun 20, 2017
    risk 0.53cvss 7.5epss 0.57

    The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a…

  • CVE-2017-5648CriApr 17, 2017
    risk 0.53cvss 9.1epss 0.13

    While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a…

  • CVE-2016-5017HigSep 21, 2016
    risk 0.53cvss 8.1epss 0.08

    Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

  • CVE-2016-4432CriJun 1, 2016
    risk 0.53cvss 9.1epss 0.08

    The AMQP 0-8, 0-9, 0-91, and 0-10 connection handling in Apache Qpid Java before 6.0.3 might allow remote attackers to bypass authentication and consequently perform actions via vectors related to connection state logging.

  • CVE-2002-1850HigDec 31, 2002
    risk 0.53cvss 7.5epss 0.17

    mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock between httpd and the CGI…

  • CVE-2026-42535CriJun 8, 2026
    risk 0.52cvss 9.1epss 0.01

    A path handling issue in mod_dav_fs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue.

  • CVE-2026-50076CriJun 4, 2026
    risk 0.52cvss 9.1epss 0.01

    Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChecker, and DisallowedList checks and invoke classpath-present…

  • CVE-2026-42252CriJun 1, 2026
    risk 0.52cvss 9.1epss 0.00

    Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] }}")` example without any quoting / sanitization warning. Dag authors who copied…

  • CVE-2026-43515CriMay 12, 2026
    risk 0.52cvss 9.1epss 0.01

    Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0…

  • CVE-2025-66467HigMay 8, 2026
    risk 0.52cvss 8.0epss 0.00

    Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the…

  • CVE-2026-33557CriApr 20, 2026
    risk 0.52cvss 9.1epss 0.01

    A possible security vulnerability has been identified in Apache Kafka. By default, the broker property `sasl.oauthbearer.jwt.validator.class` is set to `org.apache.kafka.common.security.oauthbearer.DefaultJwtValidator`. It accepts any JWT token without validating…

  • CVE-2026-31908CriApr 14, 2026
    risk 0.52cvss 9.1epss 0.01

    Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which…

  • CVE-2026-29145CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through…

  • CVE-2025-57735CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanism that implements token invalidation at logout. Users who are concerned about…

  • CVE-2024-24926HigFeb 12, 2024
    risk 0.52cvss 7.5epss 0.01

    Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6.

  • CVE-2018-1323HigMar 12, 2018
    risk 0.52cvss 7.5epss 0.44

    The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then…

  • CVE-2017-5657HigMay 22, 2017
    risk 0.52cvss 8.0epss 0.01

    Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. A malicious site opened in the same browser as the archiva site, may send an HTML response that performs arbitrary actions on archiva services, with the same…

  • CVE-2016-3092HigJul 4, 2016
    risk 0.52cvss 7.5epss 0.36

    The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long…

  • CVE-2015-5343HigApr 14, 2016
    risk 0.52cvss 7.6epss 0.30

    Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded…

  • CVE-2016-2171HigApr 11, 2016
    risk 0.52cvss 7.5epss 0.43

    The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the REST API.

  • CVE-2008-3282HigAug 29, 2008
    risk 0.52cvss 7.8epss 0.11

    Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in the memory allocator in OpenOffice.org (OOo) 2.4.1, on 64-bit platforms, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a…

  • CVE-2024-22029HigOct 16, 2024
    risk 0.51cvss 7.8epss 0.00

    Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root

  • CVE-2018-11781HigSep 17, 2018
    risk 0.51cvss 7.8epss 0.01

    Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

  • CVE-2013-0267HigFeb 21, 2018
    risk 0.51cvss 8.8epss 0.04

    The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct…

  • CVE-2017-12608HigNov 20, 2017
    risk 0.51cvss 7.8epss 0.03

    A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code…

  • CVE-2017-12607HigNov 20, 2017
    risk 0.51cvss 7.8epss 0.03

    A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

  • CVE-2017-9806HigNov 20, 2017
    risk 0.51cvss 7.8epss 0.02

    A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code…

  • CVE-2016-6804HigNov 20, 2017
    risk 0.51cvss 7.8epss 0.03

    The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been…

  • CVE-2017-3166HigNov 13, 2017
    risk 0.51cvss 7.8epss 0.00

    In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared…

  • CVE-2016-6803HigNov 13, 2017
    risk 0.51cvss 7.8epss 0.02

    An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer…

  • CVE-2016-5002HigOct 27, 2017
    risk 0.51cvss 7.8epss 0.08

    XML external entity (XXE) vulnerability in the Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted DTD.

  • CVE-2017-12628HigOct 20, 2017
    risk 0.51cvss 7.8epss 0.01

    The JMX server embedded in Apache James, also used by the command line client is exposed to a java de-serialization issue, and thus can be used to execute arbitrary commands. As James exposes JMX socket by default only on local-host, this vulnerability can only be used for…

  • CVE-2016-4434HigSep 30, 2017
    risk 0.51cvss 7.8epss 0.03

    Apache Tika before 1.13 does not properly initialize the XML parser or choose handlers, which might allow remote attackers to conduct XML External Entity (XXE) attacks via vectors involving (1) spreadsheets in OOXML files and (2) XMP metadata in PDF and other file formats, a…

  • CVE-2017-12612HigSep 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user…

  • CVE-2016-9775HigMar 23, 2017
    risk 0.51cvss 7.8epss 0.01

    The postrm script in the tomcat6 package before 6.0.45+dfsg-1~deb7u3 on Debian wheezy, before 6.0.45+dfsg-1~deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on Ubuntu 12.04 LTS and on Ubuntu 14.04 LTS; the tomcat7 package before 7.0.28-4+deb7u7 on Debian wheezy, before…

Page 5 of 51