Apache EPSS Rated Vulnerabilities
undefined vulnerabilities from the past 365 days which have an EPSS rating.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Incorrect Authorization Vulnerability Affects Apache OFBiz Through 18.12.14
CVE-2024-38856ApacheApache Ofbiz🥇📈💰👾🟡EPSS 94%🦅📰9.8CRITICALApache OFBiz vulnerable to 'Forced Browsing' (Direct Request) attack
CVE-2024-45195ApacheApache Ofbiz👾EPSS 94%🦅📰7.5HIGHRCE Vulnerability in Apache HugeGraph-Server
CVE-2024-27348ApacheApache Hugegraph-server📈👾🟡EPSS 94%🦅📰9.8CRITICALImproper Authentication Vulnerability in Apache Solr
CVE-2024-45216ApacheApache SolrEPSS 93%Apache OFBiz vulnerable to Path Traversal attack
CVE-2024-36104ApacheApache Ofbiz👾EPSS 93%📰9.1CRITICALApache OFBiz Fixes Path Traversal Vulnerability
CVE-2024-32113ApacheApache Ofbiz💰👾🟡EPSS 93%🦅📰9.8CRITICALSAML Authentication Vulnerability in CloudStack Environments
CVE-2024-41107ApacheApache Cloudstack👾EPSS 92%📰8.1HIGHRemote Code Execution and Information Disclosure Vulnerability in Apache Tomcat Software
CVE-2025-24813ApacheApache Tomcat🥇📈👾🟡EPSS 92%🦅📰9.8CRITICALRace Condition Vulnerability in Apache Tomcat Leading to Remote Code Execution
CVE-2024-50379ApacheApache Tomcat🥇📈👾🟡EPSS 92%📰9.8CRITICALFlawed File Upload Logic in Apache Struts Exposes Vulnerability
CVE-2024-53677ApacheApache Struts🥇📈💰👾🟡EPSS 89%📰Server-Side Request Forgery (SSRF) and Improper Control of Generation of Code (Code Injection) Vulnerability in Apache OFBiz
CVE-2024-45507ApacheApache Ofbiz📈EPSS 87%9.8CRITICALApache HTTP Server Vulnerability Could Leak NTML Hashes
CVE-2024-38472ApacheApache Http ServerEPSS 83%Crafted Requests Can Bypass Authentication in Apache HTTP Server's mod_proxy
CVE-2024-38473ApacheApache Http ServerEPSS 80%8.1HIGHIllegal Access to Additional Resource Files via File Read/Write Vulnerability
CVE-2024-30188ApacheApache DolphinschedulerEPSS 78%8.1HIGHSnakeYaml Deserialization RCE Vulnerability in Apache HertzBeat (incubating)
CVE-2024-42323ApacheApache HertzbeatEPSS 72%Code Execution or Source Code Disclosure Vulnerability in Apache HTTP Server's mod_rewrite
CVE-2024-38475ApacheApache Http Server👾🟡EPSS 62%9.1CRITICALCryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability Affects Apache StreamPipes from 0.69.0 to 0.93.0
CVE-2024-29868ApacheApache Streampipes👾🟡EPSS 52%SQL Injection Vulnerability in Apache Superset by Apache
CVE-2024-39887ApacheApache SupersetEPSS 50%9.8CRITICALDeserialization Vulnerability in Apache Seata by Apache
CVE-2024-22399ApacheSeataEPSS 48%9.8CRITICALBypass/Injection Vulnerability in Apache Camel by Apache
CVE-2025-27636ApacheApache Camel👾EPSS 39%📰5.6MEDIUMAuthentication Bypass Vulnerability in Apache HugeGraph-Server
CVE-2024-43441ApacheApache Hugegraph-server👾EPSS 35%📰Partial Fix for Content-Type Based Configuration Ignores Use of Legacy Handlers, Leading to Source Code Disclosure
CVE-2024-40725ApacheApache Http Server🥇📈👾🟡EPSS 29%📰5.3MEDIUMAuthorization Flaw in Apache NiFi Affecting Parameter Contexts and Controller Services
CVE-2024-56512Apache Software F...Nifi👾🟡EPSS 27%5.4MEDIUMSQL Injection Vulnerability in Apache Traffic Control
CVE-2024-45387ApacheApache Traffic Control📈💰👾EPSS 16%📰8.8HIGHRemote Code Execution Risk in Apache MINA ObjectSerializationDecoder
CVE-2024-52046ApacheApache Mina🥇📈EPSS 13%10CRITICAL