Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache software foundation vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-25621
Privilege Escalation vulnerability in Apache Software Foundation Apache Sling. Any content author is able to create i18n dictionaries in the repository in a location the author has write access to. As these translations are used across the whole product, it allows an author to ch...
Apache Sling I18n
NA
CVE-2023-28935
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Software Foundation Apache UIMA DUCC. When using the "Distributed UIMA Cluster Computing" (DUCC) module of Apache UIMA, ...
Apache Unstructured Information Management Architecture -
NA
CVE-2024-25065
Possible path traversal in Apache OFBiz allowing authentication bypass. Users are recommended to upgrade to version 18.12.12, that fixes the issue.
890
VMScore
CVE-2004-0492
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote malicious users to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes a large amount of data ...
Hp Webproxy 2.0
Hp Virtualvault 11.0.4
Apache Http Server 1.3.27
Ibm Http Server 1.3.28
Apache Http Server 1.3.28
Apache Http Server 1.3.31
Hp Webproxy 2.1
Ibm Http Server 1.3.26.1
Apache Http Server 1.3.26
Apache Http Server 1.3.29
Sgi Propack 2.4
Ibm Http Server 1.3.26
Ibm Http Server 1.3.26.2
Hp Vvos 11.04
Openbsd Openbsd 3.5
Openbsd Openbsd
Openbsd Openbsd 3.4
NA
CVE-2022-46751
Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy before 2.5.2. When Apache Ivy before 2.5.2 parses XML files - either its own config...
Apache Ivy
1 Github repository
766
VMScore
CVE-2002-0392
Apache 1.3 up to and including 1.3.24, and Apache 2.0 up to and including 2.0.36, allows remote malicious users to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
Apache Http Server
Debian Debian Linux 2.2
3 EDB exploits
3 Github repositories
NA
CVE-2023-40195
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to confi...
Apache Airflow Spark Provider
NA
CVE-2023-33933
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 up to and including 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrad...
Apache Traffic Server
NA
CVE-2022-44730
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.
Apache Xml Graphics Batik
Debian Debian Linux 10.0
NA
CVE-2022-44729
Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in so...
Apache Xml Graphics Batik
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »