Apache Exploited Vulnerabilities
Apache vulnerabilities known to be exploited. Over the past 365 days, sorted by exploit discovery date.
Vulnerability Published:
🗓️ Published
- Anytime
Sort By:
🗓️ Published Date
- Descending
Session Management Vulnerability in Apache Roller by Apache
CVE-2025-24859ApacheApache Roller📈👾📰10CRITICALTemplate Engine Vulnerability in Apache OFBiz Affects Multiple Versions
CVE-2025-26865ApacheApache Ofbiz👾🟡3.5LOWCode Execution Vulnerability in Apache Parquet Product by Apache
CVE-2025-30065ApacheApache Parquet Java🥇📈💰👾🟡📰10CRITICALRemote Code Execution and Information Disclosure Vulnerability in Apache Tomcat Software
CVE-2025-24813ApacheApache Tomcat🥇📈👾🟡EPSS 92%🦅📰9.8CRITICALBypass/Injection Vulnerability in Apache Camel by Apache
CVE-2025-27636ApacheApache Camel👾EPSS 39%📰5.6MEDIUMImproper Input Validation in Apache Traffic Server by Apache
CVE-2024-38311ApacheApache Traffic Server👾📰6.3MEDIUMAccess Control Issue in Apache CloudStack Affects User Comments
CVE-2025-22828ApacheApache Cloudstack👾🟡Race Condition Vulnerability in Apache Tomcat Affects Multiple Versions
CVE-2024-56337ApacheApache Tomcat🥇📈👾📰9.8CRITICALAuthorization Flaw in Apache NiFi Affecting Parameter Contexts and Controller Services
CVE-2024-56512Apache Software F...Nifi👾🟡EPSS 27%5.4MEDIUMAuthentication Bypass Vulnerability in Apache HugeGraph-Server
CVE-2024-43441ApacheApache Hugegraph-server👾EPSS 35%📰SQL Injection Vulnerability in Apache Traffic Control
CVE-2024-45387ApacheApache Traffic Control📈💰👾EPSS 16%📰8.8HIGHRace Condition Vulnerability in Apache Tomcat Leading to Remote Code Execution
CVE-2024-50379ApacheApache Tomcat🥇📈👾🟡EPSS 92%📰9.8CRITICALPartial Fix for Content-Type Based Configuration Ignores Use of Legacy Handlers, Leading to Source Code Disclosure
CVE-2024-40725ApacheApache Http Server🥇📈👾🟡EPSS 29%📰5.3MEDIUMArbitrary File Write Vulnerability in ActiveMQ Artemis Could Lead to RCE
CVE-2023-50780ApacheApache ActiveMQ Artemis👾🟡8.8HIGHCode Execution or Source Code Disclosure Vulnerability in Apache HTTP Server's mod_rewrite
CVE-2024-38475ApacheApache Http Server👾🟡EPSS 62%9.1CRITICALFlawed File Upload Logic in Apache Struts Exposes Vulnerability
CVE-2024-53677ApacheApache Struts🥇📈💰👾🟡EPSS 89%📰Incorrect Object Recycling and Reuse Vulnerability in Apache Tomcat
CVE-2024-52318ApacheApache Tomcat👾🟡6.1MEDIUMIncorrect Object Recycling Vulnerability Affects Apache Tomcat Versions
CVE-2024-52317ApacheApache Tomcat👾🟡6.5MEDIUMUnchecked Error Condition Vulnerability Affects Apache Tomcat
CVE-2024-52316ApacheApache Tomcat👾🟡9.8CRITICALApache Avro Java SDK Vulnerability
CVE-2024-47561ApacheApache Avro Java Sdk👾📰Apache OFBiz vulnerable to 'Forced Browsing' (Direct Request) attack
CVE-2024-45195ApacheApache Ofbiz👾EPSS 94%🦅📰7.5HIGHApache OFBiz vulnerable to Path Traversal attack
CVE-2024-36104ApacheApache Ofbiz👾EPSS 93%📰9.1CRITICALApache OFBiz Fixes Path Traversal Vulnerability
CVE-2024-32113ApacheApache Ofbiz💰👾🟡EPSS 93%🦅📰9.8CRITICALIncorrect Authorization Vulnerability Affects Apache OFBiz Through 18.12.14
CVE-2024-38856ApacheApache Ofbiz🥇📈💰👾🟡EPSS 94%🦅📰9.8CRITICALImproper Input Validation Vulnerability in Apache Superset Allows for File Reading and Insertion
CVE-2024-34693ApacheApache Superset👾🟡📰6.8MEDIUM