Apache EPSS Rated Vulnerabilities
Apache vulnerabilities from the past 365 days which have an EPSS rating.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Incorrect Authorization Vulnerability Affects Apache OFBiz Through 18.12.14
CVE-2024-38856ApacheApache Ofbiz๐ฅ๐๐ฐ๐พ๐กEPSS 94%๐ฆ ๐ฐ9.8CRITICALApache OFBiz vulnerable to 'Forced Browsing' (Direct Request) attack
CVE-2024-45195ApacheApache Ofbiz๐พEPSS 94%๐ฆ ๐ฐ7.5HIGHRemote Code Execution and Information Disclosure Vulnerability in Apache Tomcat Software
CVE-2025-24813ApacheApache Tomcat๐ฅ๐๐พ๐กEPSS 93%๐ฆ ๐ฐ9.8CRITICALImproper Authentication Vulnerability in Apache Solr
CVE-2024-45216ApacheApache SolrEPSS 93%SAML Authentication Vulnerability in CloudStack Environments
CVE-2024-41107ApacheApache Cloudstack๐พEPSS 93%๐ฐ8.1HIGHFlawed File Upload Logic in Apache Struts Exposes Vulnerability
CVE-2024-53677ApacheApache Struts๐ฅ๐๐ฐ๐พ๐กEPSS 91%๐ฐRace Condition Vulnerability in Apache Tomcat Leading to Remote Code Execution
CVE-2024-50379ApacheApache Tomcat๐ฅ๐๐พ๐กEPSS 88%๐ฐ9.8CRITICALServer-Side Request Forgery (SSRF) and Improper Control of Generation of Code (Code Injection) Vulnerability in Apache OFBiz
CVE-2024-45507ApacheApache Ofbiz๐EPSS 87%9.8CRITICALIllegal Access to Additional Resource Files via File Read/Write Vulnerability
CVE-2024-30188ApacheApache DolphinschedulerEPSS 80%8.1HIGHSQL Injection Vulnerability in Apache Superset by Apache
CVE-2024-39887ApacheApache SupersetEPSS 58%9.8CRITICALSnakeYaml Deserialization RCE Vulnerability in Apache HertzBeat (incubating)
CVE-2024-42323ApacheApache HertzbeatEPSS 57%Deserialization Vulnerability in Apache Seata by Apache
CVE-2024-22399ApacheSeataEPSS 48%9.8CRITICALSQL Injection Vulnerability in Apache Traffic Control
CVE-2024-45387ApacheApache Traffic Control๐๐ฐ๐พEPSS 35%๐ฐ8.8HIGHBypass/Injection Vulnerability in Apache Camel by Apache
CVE-2025-27636ApacheApache Camel๐พEPSS 35%๐ฐ5.6MEDIUMRemote Code Execution Risk in Apache MINA ObjectSerializationDecoder
CVE-2024-52046ApacheApache Mina๐ฅ๐EPSS 30%10CRITICALAuthentication Bypass Vulnerability in Apache HugeGraph-Server
CVE-2024-43441ApacheApache Hugegraph-server๐พEPSS 26%๐ฐPartial Fix for Content-Type Based Configuration Ignores Use of Legacy Handlers, Leading to Source Code Disclosure
CVE-2024-40725ApacheApache Http Server๐ฅ๐๐พ๐กEPSS 24%๐ฐ5.3MEDIUMAuthorization Flaw in Apache NiFi Affecting Parameter Contexts and Controller Services
CVE-2024-56512Apache Software F...Nifi๐พ๐กEPSS 23%5.4MEDIUMAccess Control Issue in Apache CloudStack Affects User Comments
CVE-2025-22828ApacheApache Cloudstack๐พ๐กEPSS 11%Race Condition Vulnerability in Apache Tomcat Affects Multiple Versions
CVE-2024-56337ApacheApache Tomcat๐ฅ๐๐พ๐ฐ9.8CRITICALInvalid Filename Validation Vulnerability in Apache Subversion Repositories
CVE-2024-46901ApacheApache Subversion3.1LOWAuthentication Bypass Vulnerability in Apache Pinot
CVE-2024-56325ApacheApache PinotUncontrolled Resource Consumption in Apache Tomcat Affects Performance
CVE-2024-54677ApacheApache Tomcat5.3MEDIUMIncorrect Object Recycling Vulnerability Affects Apache Tomcat Versions
CVE-2024-52317ApacheApache Tomcat๐พ๐ก6.5MEDIUMApache Wicket: Remote code execution via XSLT injection
CVE-2024-36522ApacheApache Wicket9.8CRITICAL