Apache Popular Vulnerabilities

Popular vulnerabilities are those that have been exploited or have been trending within the past 365 days.

Partial Fix for Content-Type Based Configuration Ignores Use of Legacy Handlers, Leading to Source Code Disclosure

CVE-2024-40725
Apache | Apache Http Server | 🔥 😄 | 5.3 MEDIUM

Incorrect Authorization Vulnerability Affects Apache OFBiz Through 18.12.14

CVE-2024-38856
Apache | Apache Ofbiz | 🔥 😄 👾 🟣 | 9.8 CRITICAL

RCE Vulnerability in Apache HugeGraph-Server

CVE-2024-27348
Apache | Apache Hugegraph-server | 😄 👾

Apache Tomcat Vulnerability: Generation of Error Message Containing Sensitive Information

CVE-2024-21733
Apache | Apache Tomcat | 😄 👾 | 5.3 MEDIUM

Remote Code Execution Vulnerability in Apache Struts

CVE-2023-51467
Apache | Apache Ofbiz | 😄 👾 | 9.8 CRITICAL

Server-Side Request Forgery (SSRF) and Improper Control of Generation of Code (Code Injection) Vulnerability in Apache OFBiz

CVE-2024-45507
Apache | Apache Ofbiz | 😄 | 9.8 CRITICAL

Apache OFBiz vulnerable to 'Forced Browsing' (Direct Request) attack

CVE-2024-45195
Apache | Apache Ofbiz | 👾 | 7.5 HIGH

SAML Authentication Vulnerability in CloudStack Environments

CVE-2024-41107
Apache | Apache Cloudstack | 👾 | 8.1 HIGH

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption Vulnerability Affects Apache Tomcat

CVE-2024-34750
Apache | Apache Tomcat | 👾

Cryptographically Weak Pseudo-Random Number Generator (PRNG) Vulnerability Affects Apache StreamPipes from 0.69.0 to 0.93.0

CVE-2024-29868
Apache | Apache Streampipes | 👾

Improper Input Validation Vulnerability in Apache Superset Allows for File Reading and Insertion

CVE-2024-34693
Apache | Apache Superset | 👾 | 6.8 MEDIUM

Apache OFBiz vulnerable to Path Traversal attack

CVE-2024-36104
Apache | Apache Ofbiz | 👾

Apache OFBiz Fixes Path Traversal Vulnerability

CVE-2024-32113
Apache | Apache Ofbiz | 👾 🟣 | 9.8 CRITICAL

nghttp2 Temporarily Buffers Incoming Headers to Prevent Memory Exhaustion

CVE-2024-27316
Apache | Apache Http Server | 👾 | 7.5 HIGH

Apache James Vulnerability: Deserialization of Untrusted Data Could Lead to Privilege Escalation

CVE-2023-51518
Apache | Apache James Server | 👾

Allocation of Resources Without Limits or Throttling Vulnerability

CVE-2024-26308
Apache | Apache Commons Compress | 👾 | 5.5 MEDIUM

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere Vulnerability in Apache Solr

CVE-2023-50386
Apache | Apache Solr | 👾 | 8.8 HIGH

Struts File Upload Vulnerability Could Lead to Remote Code Execution

CVE-2023-50164
Apache | Apache Struts | 👾 | 9.8 CRITICAL

Pre-auth RCE in Apache Ofbiz Prior to 18.12.10 Due to XML-RPC No Longer Maintained

CVE-2023-49070
Apache | Apache Ofbiz | 👾 | 9.8 CRITICAL

Remote Code Execution Vulnerability Affects Java OpenWire Protocol Marshaller

CVE-2023-46604
Apache | Apache ActiveMQ | 👾 🟣 | 9.8 CRITICAL