Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache test vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-36388
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.
Apache Superset
NA
CVE-2023-36387
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Apache Superset
4
CVSSv2
CVE-2018-1000421
An improper authorization vulnerability exists in Jenkins Mesos Plugin 0.17.1 and previous versions in MesosCloud.java that allows attackers with Overall/Read access to initiate a test connection to an attacker-specified Mesos server with attacker-specified credentials IDs obtain...
Apache Mesos
5
CVSSv2
CVE-2004-0786
The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and previous versions allow remote malicious users to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.
Apache Http Server
7.5
CVSSv2
CVE-2007-2080
Multiple SQL injection vulnerabilities in XAMPP 1.6.0a for Windows allow remote malicious users to execute arbitrary SQL commands via unspecified vectors in certain test scripts.
Xampp Apache Distribution 1.6.0a
1 EDB exploit
NA
CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 up to and including 8.11.2, from 9.0.0 prior to 9.3.0. The Schema Designer was introduced to all...
Apache Solr
7.5
CVSSv2
CVE-2002-0082
The dbm and shm session cache code in mod_ssl prior to 2.8.7-1.3.23, and Apache-SSL prior to 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote malicious users to use a buffer overflow to execute arbitrary code via a large cli...
Apache-ssl Apache-ssl 1.45
Apache-ssl Apache-ssl 1.46
Mod Ssl Mod Ssl 2.8.5
Mod Ssl Mod Ssl 2.8.6
Apache-ssl Apache-ssl 1.42
Apache-ssl Apache-ssl 1.44
Mod Ssl Mod Ssl 2.8.3
Mod Ssl Mod Ssl 2.8.4
Mod Ssl Mod Ssl 2.7.1
Mod Ssl Mod Ssl 2.8
Apache-ssl Apache-ssl 1.40
Apache-ssl Apache-ssl 1.41
Mod Ssl Mod Ssl 2.8.1
Mod Ssl Mod Ssl 2.8.2
3 EDB exploits
3 Github repositories
NA
CVE-2023-49735
** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing...
Apache Tiles
NA
CVE-2023-37379
Apache Airflow, in versions before 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending...
Apache Airflow
NA
CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire...
Apache Activemq
Apache Activemq Legacy Openwire Module
1 Metasploit module
28 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »