Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-32656
Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 up to and including 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerab...
NA
CVE-2024-27347
Server-Side Request Forgery (SSRF) vulnerability in Apache HugeGraph-Hubble.This issue affects Apache HugeGraph-Hubble: from 1.0.0 prior to 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
NA
CVE-2024-27348
RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 prior to 1.3.0 in Java8 & Java11 Users are recommended to upgrade to version 1.3.0 with Java11 & enable the Auth system, which fixes the issue.
NA
CVE-2024-27349
Authentication Bypass by Spoofing vulnerability in Apache HugeGraph-Server.This issue affects Apache HugeGraph-Server: from 1.0.0 prior to 1.3.0. Users are recommended to upgrade to version 1.3.0, which fixes the issue.
NA
CVE-2024-29733
Improper Certificate Validation vulnerability in Apache Airflow FTP Provider. The FTP hook lacks complete certificate validation in FTP_TLS connections, which can potentially be leveraged. Implementing proper certificate validation by passing context=ssl.create_default_context() ...
NA
CVE-2024-29217
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache Answer.This issue affects Apache Answer: prior to 1.3.0. XSS attack when user changes personal website. A logged-in user, when modifying their personal website, ...
NA
CVE_2024_3094
Ansible role cve_2024_3094 Check xz vulnerability (cve_2024_3094) on your system. GitHub Version Issues Pull Requests Downloads Example Playbook This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release. --- - nam...
1 Github repository
NA
CVE-2024-31869
Airflow versions 2.7.0 up to and including 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configurati...
NA
CVE-2024-31391
Insertion of Sensitive Information into Log File vulnerability in the Apache Solr Operator. This issue affects all versions of the Apache Solr Operator from 0.3.0 up to and including 0.8.0. When asked to bootstrap Solr security, the operator will enable basic authentication and c...
NA
CVE-2024-27309
While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL con...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »