Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache software foundation vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-8021
Versions of Superset before 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
Apache Superset
4 Github repositories
6.5
CVSSv3
CVE-2023-37579
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Function Worker. This issue affects Apache Pulsar: prior to 2.10.4, and 2.11.0. Any authenticated user can retrieve a source's configuration or a sink's configuration without authorization...
Apache Pulsar 2.11.0
Apache Pulsar
7.5
CVSSv3
CVE-2023-34434
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. The attacker could bypass the current logic and achieve arbitrary file reading. To solve it, users are advised to up...
Apache Inlong
6.1
CVSSv3
CVE-2022-40743
Improper Input Validation vulnerability for the xdebug plugin in Apache Software Foundation Apache Traffic Server can lead to cross site scripting and cache poisoning attacks.This issue affects Apache Traffic Server: 9.0.0 to 9.1.3. Users should upgrade to 9.1.4 or later versions...
Apache Traffic Server
9.8
CVSSv3
CVE-2023-34340
Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo. This issue affects Apache Accumulo: 2.1.0. Accumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade...
Apache Accumulo 2.1.0
7.5
CVSSv3
CVE-2023-31058
Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Attackers would bypass the 'autoDeserialize' option filtering by adding blanks. Users are advised to upgra...
Apache Inlong
8.1
CVSSv3
CVE-2023-30428
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2...
Apache Pulsar 2.11.0
Apache Pulsar
6.5
CVSSv3
CVE-2023-34189
Exposure of Resource to Wrong Sphere Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.7.0. The attacker could use general users to delete and update the process, which only the admin can operate occurrenc...
Apache Inlong
7.5
CVSSv3
CVE-2023-31064
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 up to and including 1.6.0. the user in InLong could cancel an application that doesn't belongs to it. Users are advised ...
Apache Inlong
9.1
CVSSv3
CVE-2023-31066
Files or Directories Accessible to External Parties vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 up to and including 1.6.0. Different users in InLong could delete, edit, stop, and start others' sources! Users are advi...
Apache Inlong
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »