Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache software foundation vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-8021
Versions of Superset before 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
Apache Superset
4 Github repositories
NA
CVE-2023-37579
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: prior to 2.10.4, and 2.11.0. Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization...
Apache Pulsar 2.11.0
Apache Pulsar
NA
CVE-2023-34434
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. The attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to up...
Apache Inlong
NA
CVE-2023-34340
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade...
Apache Accumulo 2.1.0
NA
CVE-2022-40743
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Apache Traffic Server
NA
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgra...
Apache Inlong
NA
CVE-2023-30428
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2...
Apache Pulsar 2.11.0
Apache Pulsar
NA
CVE-2023-31064
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised ...
Apache Inlong
NA
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advi...
Apache Inlong
NA
CVE-2023-31103
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers can change the immutable name and type of cluster of InLong. Users are advised to upgrade to Apache InL...
Apache Inlong
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »