VYPR

Vendor CVEs

Apache

All CVEs

2,550 total · sorted by risk
  • CVE-2018-8007 · High · Jul 11, 2018
    risk 0.48 · cvss 7.2 · epss 0.12

    Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the…

  • CVE-2017-3160 · High · Feb 1, 2018
    risk 0.48 · cvss 7.4 · epss 0.04

    After the Android platform is added to Cordova the first time, or after a project is created using the build scripts, the scripts will fetch Gradle on the first build. However, since the default URI is not using https, it is vulnerable to a MiTM and the Gradle executable is not…

  • CVE-2017-3162 · High · Apr 26, 2017
    risk 0.48 · cvss 7.3 · epss 0.06

    HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0.

  • CVE-2017-5662 · High · Apr 18, 2017
    risk 0.48 · cvss 7.3 · epss 0.04

    In Apache Batik before 1.9, files lying on the filesystem of the server which uses batik can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the…

  • CVE-2017-5661 · High · Apr 18, 2017
    risk 0.48 · cvss 7.3 · epss 0.03

    In Apache FOP before 2.2, files lying on the filesystem of the server which uses FOP can be revealed to arbitrary users who send maliciously formed SVG files. The file types that can be shown depend on the user context in which the exploitable application is running. If the user…

  • CVE-2016-1182 · High · Jul 4, 2016
    risk 0.48 · cvss 8.2 · epss 0.26

    ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899.

  • CVE-2015-1836 · High · Dec 21, 2015
    risk 0.48 · cvss 7.3 · epss 0.07

    Apache HBase 0.98 before 0.98.12.1, 1.0 before 1.0.1.1, and 1.1 before 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote attackers to cause a denial of service…

  • CVE-2015-1772 · High · Dec 21, 2015
    risk 0.48 · cvss 7.3 · epss 0.07

    The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to…

  • CVE-2026-57915 · Important · Jun 26, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Apache Kerby: org.apache.kerby/kerb-server: Apache Kerby: Kerberos pre-authentication bypass via unrecognized PA-DATA

  • CVE-2026-42782 · High · May 25, 2026
    risk 0.47 · cvss 7.2 · epss 0.01

    Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted code reaching a non-sandboxed execution path via the class static initializer. …

  • CVE-2026-29226 · High · May 19, 2026
    risk 0.47 · cvss 7.3 · epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in Apache OFBiz via Content component operations. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.

  • CVE-2025-55752 · High · Oct 27, 2025
    risk 0.47 · cvss 7.5 · epss 0.67

    Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the …

  • CVE-2018-11769 · High · Aug 8, 2018
    risk 0.47 · cvss 7.2 · epss 0.08

    CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the…

  • CVE-2016-8648 · High · Aug 1, 2018
    risk 0.47 · cvss 7.2 · epss 0.02

    It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the…

  • CVE-2015-0249 · High · Jul 17, 2017
    risk 0.47 · cvss 7.2 · epss 0.05

    The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users with admin privileges for a weblog to execute arbitrary Java code via crafted Velocity Text Language (aka VTL).

  • CVE-2016-1181 · High · Jul 4, 2016
    risk 0.47 · cvss 8.1 · epss 0.13

    ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to…

  • CVE-2016-2174 · High · Jun 13, 2016
    risk 0.47 · cvss 7.2 · epss 0.02

    SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.

  • CVE-2026-41731 · High · Jun 10, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    JsonKafkaHeaderMapper and the deprecated DefaultKafkaHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Combined with Jackson's default bean deserialization, a producer…

  • CVE-2026-45361 · High · May 25, 2026
    risk 0.46 · cvss 8.1 · epss 0.01

    Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attackers who can intercept or modify the session. Users are advised to upgrade to…

  • CVE-2026-45760 · High · May 21, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    (Externally Controlled Reference to a Resource in Another Sphere), (Authorization Bypass Through User-Controlled Key) vulnerability in Apache Camel K. Authorized users in a Kubernetes namespace can create a Build resource, controlling the Pod generation in a namespace of their…

  • CVE-2026-35194 · High · May 15, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions…

  • CVE-2026-40563 · High · May 4, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Atlas. Apache Atlas exposes a DSL search endpoint that accepts user-supplied query strings. An attacker can alter Gremlin traversal logic within grammar-allowed characters to access…

  • CVE-2026-41604 · High · Apr 28, 2026
    risk 0.46 · cvss 8.2 · epss 0.01

    Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.

  • CVE-2026-40022 · High · Apr 27, 2026
    risk 0.46 · cvss 8.2 · epss 0.01

    When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-main) and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and…

  • CVE-2026-23902 · High · Apr 24, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution. This issue affects Apache DolphinScheduler versions prior to 3.4.1. Users…

  • CVE-2025-54550 · High · Apr 15, 2026
    risk 0.46 · cvss 8.1 · epss 0.01

    The example example_xcom that was included in the Airflow documentation implemented an unsafe pattern of reading a value from XCom in a way that could be exploited to allow a UI user who had access to modify XComs to execute arbitrary code on the worker. Since the UI users…

  • CVE-2024-24927 · High · Feb 12, 2024
    risk 0.46 · cvss 7.1 · epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme allows Reflected XSS. This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme:…

  • CVE-2018-8039 · High · Jul 2, 2018
    risk 0.46 · cvss 8.1 · epss 0.10

    It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work…

  • CVE-2015-5348 · High · Apr 15, 2016
    risk 0.46 · cvss 8.1 · epss 0.06

    Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

  • CVE-2015-0266 · High · Apr 11, 2016
    risk 0.46 · cvss 7.1 · epss 0.02

    The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass intended access restrictions via direct access to module URLs.

  • CVE-2015-5346 · High · Feb 25, 2016
    risk 0.46 · cvss 8.1 · epss 0.11

    Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by…

  • CVE-2016-6816 · High · Mar 20, 2017
    risk 0.45 · cvss 7.1 · epss 0.40

    The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid…

  • CVE-2016-2167 · Medium · May 5, 2016
    risk 0.45 · cvss 6.8 · epss 0.07

    The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of…

  • CVE-2026-40048 · High · Apr 27, 2026
    risk 0.44 · cvss 7.8 · epss 0.00

    The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `.key` files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to `java.security.KeyPair` is…

  • CVE-2016-2168 · Medium · May 5, 2016
    risk 0.44 · cvss 6.5 · epss 0.20

    The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2)…

  • CVE-2015-5349 · High · Apr 11, 2016
    risk 0.44 · cvss 7.8 · epss 0.02

    The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.

  • CVE-2026-34486 · High · Apr 9, 2026
    risk 0.43 · cvss 7.5 · epss 0.16

    Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor. This issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116. Users are recommended to upgrade to version 11.0.21, 10.1.54 or…

  • CVE-2021-26117 · High · Jan 27, 2021
    risk 0.43 · cvss 7.5 · epss 0.11

    The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users…

  • CVE-2018-8038 · High · Jul 5, 2018
    risk 0.43 · cvss 7.5 · epss 0.11

    Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters.

  • CVE-2017-15691 · Medium · Apr 26, 2018
    risk 0.43 · cvss 6.5 · epss 0.09

    In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capability of various XML parsers.…

  • CVE-2018-1308 · High · Apr 9, 2018
    risk 0.43 · cvss 7.5 · epss 0.21

    This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files…

  • CVE-2015-0203 · Medium · Feb 21, 2018
    risk 0.43 · cvss 6.5 · epss 0.09

    The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control…

  • CVE-2017-15699 · Medium · Feb 13, 2018
    risk 0.43 · cvss 6.5 · epss 0.03

    A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause…

  • CVE-2017-12626 · High · Jan 29, 2018
    risk 0.43 · cvss 7.5 · epss 0.10

    Apache POI in versions prior to release 3.17 is vulnerable to Denial of Service attacks: 1) infinite loops while parsing crafted WMF, EMF, MSG and macros (POI bugs 61338 and 61294), and 2) Out of Memory exceptions while parsing crafted DOC, PPT and XLS (POI bugs 52372 and…

  • CVE-2012-0881 · High · Oct 30, 2017
    risk 0.43 · cvss 7.5 · epss 0.17

    Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

  • CVE-2016-8734 · Medium · Oct 16, 2017
    risk 0.43 · cvss 6.5 · epss 0.06

    Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU…

  • CVE-2017-9804 · High · Sep 20, 2017
    risk 0.43 · cvss 7.5 · epss 0.10

    In Apache Struts 2.3.7 through 2.3.33 and 2.5 through 2.5.12, if an application allows entering a URL in a form field and the built-in URLValidator is used, it is possible to prepare a special URL that will overload the server process when it validates the URL. …

  • CVE-2017-7675 · High · Aug 11, 2017
    risk 0.43 · cvss 7.5 · epss 0.10

    The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.0.M21 and 8.5.0 to 8.5.15 bypassed a number of security checks that prevented directory traversal attacks. It was therefore possible to bypass security constraints using a specially crafted URL.

  • CVE-2016-8745 · High · Aug 10, 2017
    risk 0.43 · cvss 7.5 · epss 0.16

    A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple…

  • CVE-2017-9787 · High · Jul 13, 2017
    risk 0.43 · cvss 7.5 · epss 0.11

    When Spring AOP functionality is used to secure Struts actions, it is possible to perform a DoS attack. The solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33.

Page 8 of 51