Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache test vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2024-4577
In PHP versions 8.1.* prior to 8.1.29, 8.2.* prior to 8.2.20, 8.3.* prior to 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to ...
Php Php
2 Github repositories
NA
CVE_2022_40684
Official Writeup - Simple CTF 2.0 Created: April 23, 2024 7:50 PM Today I completed an other room on TryHackMe with a simple file-upload vulnerability which I built. I have tried for dancing around this whole CTF machine and getting a lot of walls of challenges in the end it co...
1 Github repository
7.5
CVSSv3
CVE-2023-50292
Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 up to and including 8.11.2, from 9.0.0 prior to 9.3.0. The Schema Designer was introduced to all...
Apache Solr
9.8
CVSSv3
CVE-2023-51467
The vulnerability permits malicious users to circumvent authentication processes, enabling them to remotely execute arbitrary code
Apache Ofbiz
1 Metasploit module
18 Github repositories
1 Article
7.5
CVSSv3
CVE-2023-49735
** UNSUPPORTED WHEN ASSIGNED ** The value set as the DefaultLocaleResolver.LOCALE_KEY attribute on the session was not validated while resolving XML definition files, leading to possible path traversal and eventually SSRF/XXE when passing user-controlled data to this key. Passing...
Apache Tiles
9.8
CVSSv3
CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire...
Apache Activemq
Apache Activemq Legacy Openwire Module
1 Metasploit module
28 Github repositories
1 Article
5.9
CVSSv3
CVE-2023-45802
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection bu...
Apache Http Server
Fedoraproject Fedora 38
2 Github repositories
5.4
CVSSv3
CVE-2023-36387
An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.
Apache Superset
5.4
CVSSv3
CVE-2023-36388
Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.
Apache Superset
8.1
CVSSv3
CVE-2023-37379
Apache Airflow, in versions before 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending...
Apache Airflow
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »