Filtered by vendor Apache
Subscribe
Total
2282 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1931 | 1 Apache | 1 Spamassassin | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. | |||||
CVE-2015-2992 | 1 Apache | 1 Struts | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. | |||||
CVE-2018-11805 | 2 Apache, Debian | 2 Spamassassin, Debian Linux | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places. | |||||
CVE-2020-1930 | 1 Apache | 1 Spamassassin | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges. | |||||
CVE-2019-17570 | 5 Apache, Canonical, Debian and 2 more | 6 Xml-rpc, Ubuntu Linux, Debian Linux and 3 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code. Apache XML-RPC is no longer maintained and this issue will not be fixed. | |||||
CVE-2019-10087 | 1 Apache | 1 Jspwiki | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. | |||||
CVE-2020-1928 | 1 Apache | 1 Nifi | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present. | |||||
CVE-2019-12415 | 2 Apache, Oracle | 27 Poi, Application Testing Suite, Banking Enterprise Originations and 24 more | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. | |||||
CVE-2019-0210 | 3 Apache, Oracle, Redhat | 4 Thrift, Communications Cloud Native Core Network Slice Selection Function, Enterprise Linux Server and 1 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data. | |||||
CVE-2019-10172 | 4 Apache, Debian, Fasterxml and 1 more | 5 Spark, Debian Linux, Jackson-mapper-asl and 2 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different classes. | |||||
CVE-2019-17573 | 2 Apache, Oracle | 7 Cxf, Commerce Guided Search, Communications Element Manager and 4 more | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable. | |||||
CVE-2019-17195 | 3 Apache, Connect2id, Oracle | 15 Hadoop, Nimbus Jose\+jwt, Communications Cloud Native Core Security Edge Protection Proxy and 12 more | 2024-02-28 | 6.8 MEDIUM | 9.8 CRITICAL |
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. | |||||
CVE-2019-20445 | 6 Apache, Canonical, Debian and 3 more | 8 Spark, Ubuntu Linux, Debian Linux and 5 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. | |||||
CVE-2019-12419 | 2 Apache, Oracle | 5 Cxf, Commerce Guided Search, Enterprise Manager Base Platform and 2 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Apache CXF before 3.3.4 and 3.2.11 provides all of the components that are required to build a fully fledged OpenId Connect service. There is a vulnerability in the access token services, where it does not validate that the authenticated principal is equal to that of the supplied clientId parameter in the request. If a malicious client was able to somehow steal an authorization code issued to another client, then they could exploit this vulnerability to obtain an access token for the other client. | |||||
CVE-2019-19906 | 8 Apache, Apple, Canonical and 5 more | 20 Bookkeeper, Ipados, Iphone Os and 17 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of-service in OpenLDAP via a malformed LDAP packet. The OpenLDAP crash is ultimately caused by an off-by-one error in _sasl_add_string in common.c in cyrus-sasl. | |||||
CVE-2020-1933 | 2 Apache, Mozilla | 2 Nifi, Firefox | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers. | |||||
CVE-2012-1592 | 1 Apache | 1 Struts | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files. | |||||
CVE-2019-10089 | 1 Apache | 1 Jspwiki | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. | |||||
CVE-2019-10083 | 1 Apache | 1 Nifi | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to. | |||||
CVE-2019-12410 | 1 Apache | 1 Arrow | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
While investigating UBSAN errors in https://github.com/apache/arrow/pull/5365 it was discovered Apache Arrow versions 0.12.0 to 0.14.1, left memory Array data uninitialized when reading RLE null data from parquet. This affected the C++, Python, Ruby and R implementations. The uninitialized memory could potentially be shared if are transmitted over the wire (for instance with Flight) or persisted in the streaming IPC and file formats. |