Filtered by vendor Apache
Subscribe
Total
2656 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-6809 | 1 Apache | 2 Nutch, Tika | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization. | |||||
| CVE-2017-7664 | 1 Apache | 1 Openmeetings | 2025-04-20 | 7.5 HIGH | 10.0 CRITICAL |
| Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0. | |||||
| CVE-2016-8744 | 1 Apache | 1 Brooklyn | 2025-04-20 | 9.0 HIGH | 8.8 HIGH |
| Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. SnakeYAML allows the use of YAML tags to indicate that SnakeYAML should unmarshal data to a Java type. In the default configuration in Brooklyn before 0.10.0, SnakeYAML will allow unmarshalling to any Java type available on the classpath. This could provide an authenticated user with a means to cause the JVM running Brooklyn to load and run Java code without detection by Brooklyn. Such code would have the privileges of the Java process running Brooklyn, including the ability to open files and network connections, and execute system commands. There is known to be a proof-of-concept exploit using this vulnerability. | |||||
| CVE-2017-6891 | 3 Apache, Debian, Gnu | 3 Bookkeeper, Debian Linux, Libtasn1 | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. asn1Coding utility. | |||||
| CVE-2015-5241 | 1 Apache | 1 Juddi | 2025-04-20 | 5.8 MEDIUM | 6.1 MEDIUM |
| After logging into the portal, the logout jsp page redirects the browser back to the login page after. It is feasible for malicious users to redirect the browser to an unintended web page in Apache jUDDI 3.1.2, 3.1.3, 3.1.4, and 3.1.5 when utilizing the portlets based user interface also known as 'Pluto', 'jUDDI Portal', 'UDDI Portal' or 'uddi-console'. User session data, credentials, and auth tokens are cleared before the redirect. | |||||
| CVE-2017-5649 | 1 Apache | 1 Geode | 2025-04-20 | 4.0 MEDIUM | 7.5 HIGH |
| Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the cluster. | |||||
| CVE-2017-12618 | 1 Apache | 1 Portable Runtime Utility | 2025-04-20 | 1.9 LOW | 4.7 MEDIUM |
| Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service. | |||||
| CVE-2017-3155 | 1 Apache | 1 Atlas | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting. | |||||
| CVE-2017-5652 | 1 Apache | 1 Impala | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. The port in question was used by the StatestoreSubscriber class which did not use the appropriate secure Thrift transport when TLS was turned on. It was therefore possible for an adversary, with access to the network, to eavesdrop on the packets going to and coming from that port and view the data in plaintext. | |||||
| CVE-2017-15701 | 1 Apache | 1 Qpid Broker-j | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected. | |||||
| CVE-2015-5168 | 1 Apache | 1 Traffic Server | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206. | |||||
| CVE-2015-5206 | 1 Apache | 1 Traffic Server | 2025-04-20 | 10.0 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168. | |||||
| CVE-2017-5646 | 1 Apache | 1 Knox | 2025-04-20 | 4.9 MEDIUM | 6.8 MEDIUM |
| For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While this activity is audit logged and can be easily associated with the authenticated user, this is still a serious security issue. All users are recommended to upgrade to the Apache Knox 0.12.0 release. | |||||
| CVE-2016-6798 | 1 Apache | 1 Sling | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.getValidXML() uses an insecure SAX parser to validate the input string, which allows for XXE attacks in all scripts which use this method to validate user input, potentially allowing an attacker to read sensitive data on the filesystem, perform same-site-request-forgery (SSRF), port-scanning behind the firewall or DoS the application. | |||||
| CVE-2016-5018 | 6 Apache, Canonical, Debian and 3 more | 15 Tomcat, Ubuntu Linux, Debian Linux and 12 more | 2025-04-20 | 6.4 MEDIUM | 9.1 CRITICAL |
| In Apache Tomcat 9.0.0.M1 to 9.0.0.M9, 8.5.0 to 8.5.4, 8.0.0.RC1 to 8.0.36, 7.0.0 to 7.0.70 and 6.0.0 to 6.0.45 a malicious web application was able to bypass a configured SecurityManager via a Tomcat utility method that was accessible to web applications. | |||||
| CVE-2014-0043 | 1 Apache | 1 Wicket | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use. | |||||
| CVE-2017-7678 | 1 Apache | 1 Spark | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Apache Spark before 2.2.0, it is possible for an attacker to take advantage of a user's trust in the server to trick them into visiting a link that points to a shared Spark cluster and submits data including MHTML to the Spark master, or history server. This data, which could contain a script, would then be reflected back to the user and could be evaluated and executed by MS Windows-based clients. It is not an attack on Spark itself, but on the user, who may then execute the script inadvertently when viewing elements of the Spark web UIs. | |||||
| CVE-2012-5636 | 1 Apache | 1 Wicket | 2025-04-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.22, 1.5.x before 1.5.10, and 6.x before 6.4.0 might allow remote attackers to inject arbitrary web script or HTML via vectors related to <script> tags in a rendered response. | |||||
| CVE-2011-4343 | 1 Apache | 1 Myfaces | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters. | |||||
| CVE-2016-8752 | 1 Apache | 1 Atlas | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img. | |||||