apache software foundation vulnerabilities and exploits

(subscribe to this query)

Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: prior to 3.5.0. Users are recommended to upgrade to version 3.5.0, which f...

Apache Software Foundation Apache Uima Java Sdk Core Apache Software Foundation Apache Uima Java Sdk Cpe Apache Software Foundation Apache Uima Java Sdk Vinci Adapter Apache Software Foundation Apache Uima Java Sdk Tools Apache Uimaj

Signing cookies is an application security feature that adds a digital signature to cookie data to verify its authenticity and integrity. The signature helps prevent malicious actors from modifying the cookie value, which can lead to security vulnerabilities and exploitation. Apa...

Apache Software Foundation Apache Hive Apache Software Foundation Apache Spark

Vendor: The Apache Software Foundation Versions Affected: Apache OpenMeetings from 2.1.0 prior to 8.0.0 Description: Default clustering instructions at https://openmeetings.apache.org/Clustering.html doesn't specify white/black lists for OpenJPA this leads to possible deseri...

Apache Software Foundation Apache Openmeetings Apache Openmeetings

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.

Apache Software Foundation Apache Ranger

SSRF vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0. Users are recommended to upgrade to version Apache Ranger 2.5.0, which fixes this issue.

Apache Software Foundation Apache Ranger

Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1]. Specific...

Apache Software Foundation Apache Kafka

CWE-502 Deserialization of Untrusted Data at the eventmesh-meta-raft plugin module in Apache EventMesh master branch without release version on windows\linux\mac os e.g. platforms allows malicious users to send controlled message and remote code execute via hessian deserializatio...

Apache Software Foundation Apache Eventmesh

Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are ...

Apache Software Foundation Apache Hive

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. An user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on ...

Apache Software Foundation Apache Cassandra

A potential denial of service vulnerability is present in versions of Apache CXF prior to 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system (it applies to servers and clie...

Apache Software Foundation Apache Cxf

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook