Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

apache vulnerabilities and exploits

(subscribe to this query)

4.3
CVSSv2
CVE-2014-3628
Cross-site scripting (XSS) vulnerability in the Admin UI Plugin / Stats page in Apache Solr 4.x before 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the fieldvaluecache object....
Apache Solr 4.0.0Apache Solr 4.1.0Apache Solr 4.2.0Apache Solr 4.2.1Apache Solr 4.3.0Apache Solr 4.3.1Apache Solr 4.4.0Apache Solr 4.5.0Apache Solr 4.5.1Apache Solr 4.6.0Apache Solr 4.6.1Apache Solr 4.7.0Apache Solr 4.7.1Apache Solr 4.7.2Apache Solr 4.8.0Apache Solr 4.8.1Apache Solr 4.9.0Apache Solr 4.9.1Apache Solr 4.10.0Apache Solr 4.10.1Apache Solr 4.10.2
3.5
CVSSv2
CVE-2010-0684
Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1 allows remote authenticated users to inject arbitrary web script or HTML via the JMSDestination parameter in a queue action....
Apache Activemq 1.1Apache Activemq 1.2Apache Activemq 1.3Apache Activemq 1.4Apache Activemq 1.5Apache Activemq 2.0Apache Activemq 2.1Apache Activemq 3.0Apache Activemq 3.1Apache Activemq 3.2Apache Activemq 3.2.1Apache Activemq 3.2.2Apache Activemq 4.0Apache Activemq 4.0.1Apache Activemq 4.0.2Apache Activemq 4.1.0Apache Activemq 4.1.1Apache Activemq 5.0.0Apache Activemq 5.1.0Apache Activemq 5.2.0Apache Activemq
5
CVSSv2
CVE-2017-7680
Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. This allows for flash content to be loaded from untrusted domains....
Apache Openmeetings 1.0.0Apache Openmeetings 2.0Apache Openmeetings 2.1Apache Openmeetings 2.1.1Apache Openmeetings 2.2.0Apache Openmeetings 3.0.0Apache Openmeetings 3.0.1Apache Openmeetings 3.0.2Apache Openmeetings 3.0.3Apache Openmeetings 3.0.4Apache Openmeetings 3.0.5Apache Openmeetings 3.0.6Apache Openmeetings 3.0.7Apache Openmeetings 3.1.0Apache Openmeetings 3.1.1Apache Openmeetings 3.1.2Apache Openmeetings 3.1.3Apache Openmeetings 3.1.4Apache Openmeetings 3.1.5Apache Openmeetings 3.2.0Apache Openmeetings 3.2.1
7.5
CVSSv2
CVE-2018-1287
In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code....
Apache Jmeter 2.1Apache Jmeter 2.2Apache Jmeter 2.3Apache Jmeter 2.3.1Apache Jmeter 2.3.2Apache Jmeter 2.3.3Apache Jmeter 2.3.4Apache Jmeter 2.4Apache Jmeter 2.5Apache Jmeter 2.5.1Apache Jmeter 2.6Apache Jmeter 2.7Apache Jmeter 2.8Apache Jmeter 2.9Apache Jmeter 2.10Apache Jmeter 2.11Apache Jmeter 2.12Apache Jmeter 2.13Apache Jmeter 3.0Apache Jmeter 3.1Apache Jmeter 3.2Apache Jmeter 3.3
5
CVSSv2
CVE-2020-13937
Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration...
Apache Kylin 2.0.0Apache Kylin 2.1.0Apache Kylin 2.2.0Apache Kylin 2.3.0Apache Kylin 2.3.1Apache Kylin 2.3.2Apache Kylin 2.4.0Apache Kylin 2.4.1Apache Kylin 2.5.0Apache Kylin 2.5.1Apache Kylin 2.5.2Apache Kylin 2.6.0Apache Kylin 2.6.1Apache Kylin 2.6.2Apache Kylin 2.6.3Apache Kylin 2.6.4Apache Kylin 2.6.5Apache Kylin 2.6.6Apache Kylin 3.0.0Apache Kylin 3.0.1Apache Kylin 3.0.2Apache Kylin 3.1.0Apache Kylin 4.0.0
4.3
CVSSv2
CVE-2008-1232
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML via a crafted string that is used in the message argument to the...
Apache Tomcat 4.1.0Apache Tomcat 4.1.1Apache Tomcat 4.1.2Apache Tomcat 4.1.3Apache Tomcat 4.1.10Apache Tomcat 4.1.12Apache Tomcat 4.1.15Apache Tomcat 4.1.24Apache Tomcat 4.1.28Apache Tomcat 4.1.31Apache Tomcat 4.1.36Apache Tomcat 5.5.0Apache Tomcat 5.5.1Apache Tomcat 5.5.2Apache Tomcat 5.5.10Apache Tomcat 5.5.11Apache Tomcat 5.5.12Apache Tomcat 5.5.13Apache Tomcat 5.5.14Apache Tomcat 5.5.15Apache Tomcat 5.5.16Apache Tomcat 5.5.17Apache Tomcat 5.5.18Apache Tomcat 5.5.19Apache Tomcat 5.5.20Apache Tomcat 5.5.21Apache Tomcat 5.5.22Apache Tomcat 5.5.23Apache Tomcat 5.5.24Apache Tomcat 5.5.25Apache Tomcat 6.0Apache Tomcat 6.0.0Apache Tomcat 6.0.1Apache Tomcat 6.0.10Apache Tomcat 6.0.11Apache Tomcat 6.0.12Apache Tomcat 6.0.13Apache Tomcat 6.0.14Apache Tomcat 6.0.15Apache Software Foundation Tomcat 4.1Apache Software Foundation Tomcat 4.1.32Apache Software Foundation Tomcat 4.1.34Apache Software Foundation Tomcat 4.1.37Apache Software Foundation Tomcat 5.5.26Apache Software Foundation Tomcat 6.0.16
6.8
CVSSv2
CVE-2016-6801
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to...
Apache Jackrabbit 2.4.0Apache Jackrabbit 2.4.1Apache Jackrabbit 2.4.2Apache Jackrabbit 2.4.3Apache Jackrabbit 2.4.4Apache Jackrabbit 2.4.5Apache Jackrabbit 2.6.0Apache Jackrabbit 2.6.1Apache Jackrabbit 2.6.2Apache Jackrabbit 2.6.3Apache Jackrabbit 2.6.4Apache Jackrabbit 2.6.5Apache Jackrabbit 2.8.0Apache Jackrabbit 2.8.1Apache Jackrabbit 2.8.2Apache Jackrabbit 2.10.0Apache Jackrabbit 2.10.1Apache Jackrabbit 2.10.2Apache Jackrabbit 2.10.3Apache Jackrabbit 2.12.0Apache Jackrabbit 2.12.1Apache Jackrabbit 2.12.2Apache Jackrabbit 2.12.3Apache Jackrabbit 2.13.0Apache Jackrabbit 2.13.1Apache Jackrabbit 2.13.2Debian Debian Linux 8.0
5
CVSSv2
CVE-2012-6551
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests....
Apache Activemq 4.0Apache Activemq 4.0.1Apache Activemq 4.0.2Apache Activemq 4.1.0Apache Activemq 4.1.1Apache Activemq 5.0.0Apache Activemq 5.1.0Apache Activemq 5.2.0Apache Activemq 5.3.0Apache Activemq 5.3.1Apache Activemq 5.3.2Apache Activemq 5.4.0Apache Activemq 5.4.1Apache Activemq 5.4.2Apache Activemq 5.5.0Apache Activemq 5.5.1Apache Activemq 5.6.0Apache Activemq
5
CVSSv2
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and earlier allows remote attackers to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message....
Apache Qpid 0.5Apache Qpid 0.6Apache Qpid 0.7Apache Qpid 0.8Apache Qpid 0.9Apache Qpid 0.10Apache Qpid 0.11Apache Qpid 0.12Apache Qpid 0.13Apache Qpid 0.14Apache Qpid 0.15Apache Qpid 0.16Apache Qpid 0.17Apache Qpid 0.18Apache Qpid 0.19Apache Qpid
3.5
CVSSv2
CVE-2010-4644
Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command....
Apache Subversion 0.6Apache Subversion 0.7Apache Subversion 0.8Apache Subversion 0.9Apache Subversion 0.10.0Apache Subversion 0.10.1Apache Subversion 0.10.2Apache Subversion 0.11.1Apache Subversion 0.12.0Apache Subversion 0.13.0Apache Subversion 0.13.1Apache Subversion 0.13.2Apache Subversion 0.14.0Apache Subversion 0.14.1Apache Subversion 0.14.2Apache Subversion 0.14.3Apache Subversion 0.14.4Apache Subversion 0.14.5Apache Subversion 0.15Apache Subversion 0.16Apache Subversion 0.16.1Apache Subversion 0.17.0Apache Subversion 0.17.1Apache Subversion 0.18.0Apache Subversion 0.18.1Apache Subversion 0.19.0Apache Subversion 0.19.1Apache Subversion 0.20.0Apache Subversion 0.20.1Apache Subversion 0.21.0Apache Subversion 0.22.0Apache Subversion 0.22.1Apache Subversion 0.22.2Apache Subversion 0.23.0Apache Subversion 0.24.0Apache Subversion 0.24.1Apache Subversion 0.24.2Apache Subversion 0.25.0Apache Subversion 0.26.0Apache Subversion 0.27.0Apache Subversion 0.28.0Apache Subversion 0.28.1Apache Subversion 0.28.2Apache Subversion 0.29.0Apache Subversion 0.30.0Apache Subversion 0.31.0Apache Subversion 0.32.1Apache Subversion 0.33.0Apache Subversion 0.33.1Apache Subversion 0.34.0Apache Subversion 0.35.0Apache Subversion 0.35.1Apache Subversion 0.36.0Apache Subversion 0.37.0Apache Subversion 1.0.0Apache Subversion 1.0.1Apache Subversion 1.0.2Apache Subversion 1.0.3Apache Subversion 1.0.4Apache Subversion 1.0.5Apache Subversion 1.0.6Apache Subversion 1.0.7Apache Subversion 1.0.8Apache Subversion 1.0.9Apache Subversion 1.1.0Apache Subversion 1.1.1Apache Subversion 1.1.2Apache Subversion 1.1.3Apache Subversion 1.1.4Apache Subversion 1.2.0Apache Subversion 1.2.1Apache Subversion 1.2.2Apache Subversion 1.2.3Apache Subversion 1.3.0Apache Subversion 1.3.1Apache Subversion 1.3.2Apache Subversion 1.4.0Apache Subversion 1.4.1Apache Subversion 1.4.2Apache Subversion 1.4.3Apache Subversion 1.4.4Apache Subversion 1.4.5Apache Subversion 1.4.6Apache Subversion 1.5.0Apache Subversion 1.5.1Apache Subversion 1.5.2Apache Subversion 1.5.3Apache Subversion 1.5.4Apache Subversion 1.5.5Apache Subversion 1.5.6Apache Subversion 1.5.7Apache Subversion 1.5.8Apache Subversion 1.6.0Apache Subversion 1.6.1Apache Subversion 1.6.2Apache Subversion 1.6.3Apache Subversion 1.6.4Apache Subversion 1.6.5Apache Subversion 1.6.6Apache Subversion 1.6.7Apache Subversion 1.6.8Apache Subversion 1.6.9Apache Subversion 1.6.10Apache Subversion 1.6.11Apache Subversion 1.6.12Apache Subversion 1.6.13Apache SubversionApache Subversion M1Apache Subversion M2Apache Subversion M3Apache Subversion M4\\/m5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-29997CVE-2021-29943cross-site request forgerymalicious code‎CVE-2021-26411CVE-2021-29627ibmCVE-2021-23281collaborative lifecycle managementCVE-2021-25253SSTI
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook