Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47894
Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 prior to 0.11.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict acces...
NA
CVE-2021-28656
Cross-Site Request Forgery (CSRF) vulnerability in Credential page of Apache Zeppelin allows an malicious user to submit malicious request. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions.
NA
CVE-2024-31862
Improper Input Validation vulnerability in Apache Zeppelin when creating a new note from Zeppelin's UI.This issue affects Apache Zeppelin: from 0.10.1 prior to 0.11.0. Users are recommended to upgrade to version 0.11.0, which fixes the issue.
NA
CVE-2024-31860
Improper Input Validation vulnerability in Apache Zeppelin. By adding relative path indicators(E.g ..), attackers can see the contents for any files in the filesystem that the server account can access. This issue affects Apache Zeppelin: from 0.9.0 prior to 0.11.0. Users are rec...
NA
CVE-2024-24746
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache NimBLE. Specially crafted GATT operation can cause infinite loop in GATT server leading to denial of service in Bluetooth stack or device. This issue affects Apache NimBLE: up to and includin...
NA
CVE-2024-24795
HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue.
NA
CVE-2024-27316
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
1 Github repository
1 Article
NA
CVE-2023-38709
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: up to and including 2.4.58.
NA
CVE-2024-29834
This vulnerability allows authenticated users with produce or consume permissions to perform unauthorized operations on partitioned topics, such as unloading topics and triggering compaction. These management operations should be restricted to users with the tenant admin role or ...
NA
CVE_2024_3094
Ansible role cve_2024_3094 Check xz vulnerability (cve_2024_3094) on your system. GitHub GitLab Downloads Version Example Playbook This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release. --- - name: Converge h...
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28254
CVE-2024-32515
CVE-2024-21338
validation
CVE-2024-32522
dos
CVE-2024-2101
CVE-2024-21107
elevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »