Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-49109
Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: prior to 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue.
NA
CVE-2023-49250
Because the HttpUtils class did not verify certificates, an attacker that could perform a Man-in-the-Middle (MITM) attack on outgoing https connections could impersonate the server. This issue affects Apache DolphinScheduler: prior to 3.2.0. Users are recommended to upgrade to ve...
NA
CVE-2023-50270
Session Fixation Apache DolphinScheduler before version 3.2.0, which session is still valid after the password change. Users are recommended to upgrade to version 3.2.1, which fixes this issue.
5.5
CVSSv3
CVE-2024-26308
Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 prior to 1.26. Users are recommended to upgrade to version 1.26, which fixes the issue.
Apache Commons Compress
5.5
CVSSv3
CVE-2024-25710
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 up to and including 1.25.0. Users are recommended to upgrade to version 1.26.0 which fixes the issue.
Apache Commons Compress
NA
CVE-2024-23952
This is a duplicate for CVE-2023-46104. With correct CVE version ranges for affected Apache Superset. Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets. This vulnerability exists in...
NA
CVE-2024-24814
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value make...
7.5
CVSSv3
CVE-2023-50298
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 up to and including 8.11.2, from 9.0.0 prior to 9.4.1. Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "...
Apache Solr
7.5
CVSSv3
CVE-2023-50291
Insufficiently Protected Credentials vulnerability in Apache Solr. This issue affects Apache Solr: from 6.0.0 up to and including 8.11.2, from 9.0.0 prior to 9.3.0. One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was ...
Apache Solr
7.5
CVSSv3
CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 up to and including 8.11.2, from 9.0.0 prior to 9.3.0. The Schema Designer was introduced to all...
Apache Solr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »