Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2016-6804
The Apache OpenOffice installer (versions before 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been pr...
Apache Openoffice
9.3
CVSSv2
CVE-2016-6803
An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice prior to 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. An...
Apache Openoffice
9.3
CVSSv2
CVE-2015-7611
Apache James Server 2.3.2, when configured with file-based user repositories, allows malicious users to execute arbitrary system commands via unspecified vectors.
Apache James Server 2.3.2
1 EDB exploit
9.3
CVSSv2
CVE-2016-1834
Heap-based buffer overflow in the xmlStrncat function in libxml2 prior to 2.9.4, as used in Apple iOS prior to 9.3.2, OS X prior to 10.11.5, tvOS prior to 9.2.1, and watchOS prior to 2.2.1, allows remote malicious users to execute arbitrary code or cause a denial of service (memo...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 12.04
Apple Tvos
Apple Iphone Os
Apple Mac Os X
Apple Watchos
Debian Debian Linux 8.0
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Tus 7.6
Redhat Enterprise Linux Server Tus 7.3
Redhat Enterprise Linux Server Tus 7.2
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Server Eus 7.3
Redhat Enterprise Linux Server Eus 7.2
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server Aus 7.2
Redhat Enterprise Linux Desktop 7.0
9.3
CVSSv2
CVE-2016-3081
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote malicious users to execute arbitrary code via method: prefix, related to chained expressions.
Apache Struts 2.3.28
Apache Struts 2.3.4
Apache Struts 2.3.3
Apache Struts 2.3.15.1
Apache Struts 2.3.15
Apache Struts 2.3.1.1
Apache Struts 2.3.1
Apache Struts 2.1.6
Apache Struts 2.1.5
Apache Struts 2.0.7
Apache Struts 2.0.6
Apache Struts 2.0.12
Apache Struts 2.0.11.2
Apache Struts 2.3.24
Apache Struts 2.3.8
Apache Struts 2.3.16.2
Apache Struts 2.3.16.1
Apache Struts 2.3.16
Apache Struts 2.3.14.1
Apache Struts 2.3.14
Apache Struts 2.2.1.1
Apache Struts 2.2.1
1 EDB exploit
2 Github repositories
9.3
CVSSv2
CVE-2015-5349
The CSV export in Apache LDAP Studio and Apache Directory Studio prior to 2.0.0-M10 does not properly escape field values, which might allow malicious users to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spre...
Apache Ldap Studio 0.6.0
Apache Ldap Studio 0.7.0
Apache Ldap Studio 0.8.0
Apache Ldap Studio 0.8.1
Apache Directory Studio 1.0.0
Apache Directory Studio 1.0.1
Apache Directory Studio 1.1.0
Apache Directory Studio 1.2.0
Apache Directory Studio 1.3.0
Apache Directory Studio 1.4.0
Apache Directory Studio 1.5.0
Apache Directory Studio 1.5.1
Apache Directory Studio 1.5.2
Apache Directory Studio 1.5.3
Apache Directory Studio 2.0.0
9.3
CVSSv2
CVE-2014-3524
Apache OpenOffice prior to 4.1.1 allows remote malicious users to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
Apache Openoffice
Libreoffice Libreoffice
3 Github repositories
9.3
CVSSv2
CVE-2013-2251
Apache Struts 2.0.0 up to and including 2.3.15 allows remote malicious users to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
Apache Struts 2.2.3.1
Apache Struts 2.3.4
Apache Struts 2.3.14.1
Apache Struts 2.0.8
Apache Struts 2.1.2
Apache Struts 2.0.14
Apache Struts 2.1.8.1
Apache Struts 2.2.1.1
Apache Struts 2.0.1
Apache Struts 2.0.3
Apache Struts 2.3.12
Apache Struts 2.3.1.2
Apache Struts 2.0.11.1
Apache Struts 2.3.14.3
Apache Struts 2.3.15
Apache Struts 2.2.1
Apache Struts 2.1.3
Apache Struts 2.1.0
Apache Struts 2.1.8
Apache Struts 2.0.0
Apache Struts 2.3.1
Apache Struts 2.3.7
1 EDB exploit
4 Github repositories
9.3
CVSSv2
CVE-2013-2134
Apache Struts 2 prior to 2.3.14.3 allows remote malicious users to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135.
Apache Struts
1 EDB exploit
9.3
CVSSv2
CVE-2013-2135
Apache Struts 2 prior to 2.3.14.3 allows remote malicious users to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.
Apache Struts
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »