VYPR Vendor CVEs: Apache (All CVEs)

2,550 total · sorted by risk
  • CVE-2026-42403 · High · May 1, 2026
    risk 0.49 · cvss 7.5 · epss 0.01

    Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references Policy B which references Policy A), the policy normalization process can enter an infinite loop or cause…

  • CVE-2026-42402 · High · May 1, 2026
    risk 0.49 · cvss 7.5 · epss 0.01

    Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an exponential Cartesian cross-product expansion during the normalization process, causing unbounded memory…

  • CVE-2026-5088 · High · Apr 15, 2026
    risk 0.49 · cvss 7.5 · epss 0.01

    Apache::API::Password versions through 0.5.2 for Perl can generate insecure random values for salts. The _make_salt and _make_salt_bcrypt methods will attempt to load Crypt::URandom and then Bytes::Random::Secure to generate random bytes for the salt. If those modules are…

  • CVE-2026-39304 · High · Apr 10, 2026
    risk 0.49 · cvss 7.5 · epss 0.01

    Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ. ActiveMQ NIO SSL transports do not correctly handle TLSv1.3 handshake KeyUpdates triggered by clients. This makes it possible for a client to rapidly trigger…

  • CVE-2018-11796 · High · Oct 9, 2018
    risk 0.49 · cvss 7.5 · epss 0.07

    In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the documentation, removes the user-specified SecurityManager and thus removes entity…

  • CVE-2018-1310 · High · May 23, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache…

  • CVE-2018-8012 · High · May 21, 2018
    risk 0.49 · cvss 7.5 · epss 0.09

    No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.

  • CVE-2018-1294 · High · Mar 20, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated. Mitigation: Users should upgrade to…

  • CVE-2018-1316 · High · Mar 5, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    The ODE process deployment web service was susceptible to deployment messages with forged names. Using a path for the name allowed directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion.…

  • CVE-2017-7671 · High · Feb 27, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump.

  • CVE-2018-1299 · High · Feb 6, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it…

  • CVE-2017-12632 · High · Jan 23, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade…

  • CVE-2012-3353 · High · Jan 9, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR…

  • CVE-2014-0115 · High · Oct 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.05

    Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to log.

  • CVE-2014-3526 · High · Oct 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.

  • CVE-2010-2232 · High · Oct 23, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.

  • CVE-2017-5635 · High · Oct 19, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the "anonymous" user.

  • CVE-2017-9793 · High · Sep 20, 2017
    risk 0.49 · cvss 7.5 · epss 0.07

    The REST Plugin in Apache Struts 2.1.x, 2.3.7 through 2.3.33 and 2.5 through 2.5.12 uses an outdated XStream library which is vulnerable and allows a DoS attack using a malicious request with a specially crafted XML payload.

  • CVE-2017-9803 · High · Sep 18, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Apache Solr's Kerberos plugin can be configured to use delegation tokens, which allows an application to reuse the authentication of an end-user or another application. There are two issues with this functionality (when using SecurityAwareZkACLProvider type of ACL provider e.g.…

  • CVE-2017-3163 · High · Aug 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.07

    When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special…

  • CVE-2017-3154 · High · Aug 29, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.

  • CVE-2016-8752 · High · Aug 29, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.

  • CVE-2015-5209 · High · Aug 29, 2017
    risk 0.49 · cvss 7.5 · epss 0.09

    Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object.

  • CVE-2012-0880 · High · Aug 8, 2017
    risk 0.49 · cvss 7.5 · epss 0.04

    Apache Xerces-C++ allows remote attackers to cause a denial of service (CPU consumption) via a crafted message sent to an XML service that causes hash table collisions.

  • CVE-2010-2245 · High · Aug 8, 2017
    risk 0.49 · cvss 7.4 · epss 0.12

    XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document.

  • CVE-2017-9801 · High · Aug 7, 2017
    risk 0.49 · cvss 7.5 · epss 0.06

    When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.

  • CVE-2017-7688 · High · Jul 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache OpenMeetings 1.0.0 updates user passwords in an insecure manner.

  • CVE-2017-7684 · High · Jul 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded. An attacker can cause a denial of service by uploading multiple large files to the server.

  • CVE-2017-7683 · High · Jul 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.

  • CVE-2017-7680 · High · Jul 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains.

  • CVE-2017-5652 · High · Jul 10, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the…

  • CVE-2017-7660 · High · Jul 7, 2017
    risk 0.49 · cvss 7.5 · epss 0.06

    Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in the cluster to believe…

  • CVE-2017-7686 · High · Jun 28, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. To do that the component communicates to an external PHP server (http://ignite.run)…

  • CVE-2017-7667 · High · Jun 12, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin.

  • CVE-2017-7669 · High · Jun 5, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    In Apache Hadoop 2.8.0, 3.0.0-alpha1, and 3.0.0-alpha2, the LinuxContainerExecutor runs docker commands as root with insufficient input validation. When the docker feature is enabled, authenticated users can run commands as root.

  • CVE-2016-3083 · High · May 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    Apache Hive (JDBC + HiveServer2) implements SSL for plain TCP and HTTP connections (it supports both transport modes). While validating the server's certificate during the connection setup, the client in Apache Hive before 1.2.2 and 2.0.x before 2.0.1 doesn't seem to be…

  • CVE-2016-8741 · High · May 15, 2017
    risk 0.49 · cvss 7.5 · epss 0.06

    The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders in…

  • CVE-2017-5654 · High · May 12, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.

  • CVE-2017-5659 · High · Apr 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache Traffic Server before 6.2.1 generates a coredump when there is a mismatch between content length and chunked encoding.

  • CVE-2016-5396 · High · Apr 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack.

  • CVE-2017-5649 · High · Apr 4, 2017
    risk 0.49 · cvss 7.5 · epss 0.03

    Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes…

  • CVE-2017-6056 · High · Feb 17, 2017
    risk 0.49 · cvss 7.5 · epss 0.07

    It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816 fix but not…

  • CVE-2016-6497 · High · Jan 18, 2017
    risk 0.49 · cvss 7.5 · epss 0.06

    main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods.

  • CVE-2016-4974 · High · Jul 13, 2016
    risk 0.49 · cvss 7.5 · epss 0.06

    Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary…

  • CVE-2016-2164 · High · Apr 11, 2016
    risk 0.49 · cvss 7.5 · epss 0.07

    The (1) FileService.importFileByInternalUserId and (2) FileService.importFile SOAP API methods in Apache OpenMeetings before 3.1.1 improperly use the Java URL class without checking the specified protocol handler, which allows remote attackers to read arbitrary files by…

  • CVE-2016-0783 · High · Apr 11, 2016
    risk 0.49 · cvss 7.5 · epss 0.07

    The sendHashByUser function in Apache OpenMeetings before 3.1.1 generates predictable password reset tokens, which makes it easier for remote attackers to reset arbitrary user passwords by leveraging knowledge of a user name and the current system time.

  • CVE-2009-1955 · High · Jun 8, 2009
    risk 0.49 · cvss 7.5 · epss 0.53

    The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document…

  • CVE-2026-50631 · High · Jun 12, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    A race condition in AbstractOAuthDataProvider allows concurrent requests using the same Refresh Token to bypass single-use semantics and generate multiple valid Access Tokens, when 'recycleRefreshTokens' is set to false. A leaked refresh token can be replayed concurrently by…

  • CVE-2018-8020 · High · Jul 31, 2018
    risk 0.48 · cvss 7.4 · epss 0.04

    Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 has a flaw that does not properly check OCSP pre-produced responses, which are lists (multiple entries) of certificate statuses. Subsequently, revoked client certificates may not be properly identified, allowing for users…

  • CVE-2018-8019 · High · Jul 31, 2018
    risk 0.48 · cvss 7.4 · epss 0.04

    When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked…
