Filtered by vendor Apache
Subscribe
Total
2282 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-3579 | 1 Apache | 1 Activemq Apollo | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
XML external entity (XXE) vulnerability in Apache ActiveMQ Apollo 1.x before 1.7.1 allows remote consumers to have unspecified impact via vectors involving an XPath based selector when dequeuing XML messages. | |||||
CVE-2017-3169 | 1 Apache | 1 Http Server | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. | |||||
CVE-2016-8746 | 1 Apache | 1 Ranger | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
Apache Ranger before 0.6.3 policy engine incorrectly matches paths in certain conditions when policy does not contain wildcards and has recursion flag set to true. | |||||
CVE-2017-7672 | 1 Apache | 1 Struts | 2024-02-28 | 4.3 MEDIUM | 5.9 MEDIUM |
If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12. | |||||
CVE-2015-0226 | 1 Apache | 1 Wss4j | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption failures when decrypting an encrypted key or message data, which makes it easier for remote attackers to recover the plaintext form of a symmetric key via a series of crafted messages. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-2487. | |||||
CVE-2015-1835 | 1 Apache | 1 Cordova | 2024-02-28 | 2.6 LOW | 5.3 MEDIUM |
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL. | |||||
CVE-2014-0073 | 1 Apache | 2 Cordova, Cordova In-app-browser | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The CDVInAppBrowser class in the Apache Cordova In-App-Browser standalone plugin (org.apache.cordova.inappbrowser) before 0.3.2 for iOS and the In-App-Browser plugin for iOS from Cordova 2.6.0 through 2.9.0 does not properly validate callback identifiers, which allows remote attackers to execute arbitrary JavaScript in the host page and consequently gain privileges via a crafted gap-iab: URI. | |||||
CVE-2016-6806 | 1 Apache | 1 Wicket | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
Apache Wicket 6.x before 6.25.0, 7.x before 7.5.0, and 8.0.0-M1 provide a CSRF prevention measure that fails to discover some cross origin requests. The mitigation is to not only check the Origin HTTP header, but also take the Referer HTTP header into account when no Origin was provided. Furthermore, not all Wicket server side targets were subjected to the CSRF check. This was also fixed. | |||||
CVE-2014-3250 | 3 Apache, Puppet, Redhat | 3 Http Server, Puppet, Linux | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. | |||||
CVE-2016-8745 | 1 Apache | 1 Tomcat | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn meant that the same Processor could be used for concurrent requests. Sharing a Processor can result in information leakage between requests including, not not limited to, session ID and the response body. The bug was first noticed in 8.5.x onwards where it appears the refactoring of the Connector code for 8.5.x onwards made it more likely that the bug was observed. Initially it was thought that the 8.5.x refactoring introduced the bug but further investigation has shown that the bug is present in all currently supported Tomcat versions. | |||||
CVE-2017-7687 | 1 Apache | 1 Mesos | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
When handling a decoding failure for a malformed URL path of an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev might crash because the code accidentally calls inappropriate function. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. | |||||
CVE-2014-9634 | 2 Apache, Jenkins | 2 Tomcat, Jenkins | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Jenkins before 1.586 does not set the secure flag on session cookies when run on Tomcat 7.0.41 or later, which makes it easier for remote attackers to capture cookies by intercepting their transmission within an HTTP session. | |||||
CVE-2017-7685 | 1 Apache | 1 Openmeetings | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH. | |||||
CVE-2012-0803 | 1 Apache | 1 Cxf | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The WS-SP UsernameToken policy in Apache CXF 2.4.5 and 2.5.1 allows remote attackers to bypass authentication by sending an empty UsernameToken as part of a SOAP request. | |||||
CVE-2017-15701 | 1 Apache | 1 Qpid Broker-j | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
In Apache Qpid Broker-J versions 6.1.0 through 6.1.4 (inclusive) the broker does not properly enforce a maximum frame size in AMQP 1.0 frames. A remote unauthenticated attacker could exploit this to cause the broker to exhaust all available memory and eventually terminate. Older AMQP protocols are not affected. | |||||
CVE-2017-12630 | 1 Apache | 1 Drill | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
In Apache Drill 1.11.0 and earlier when submitting form from Query page users are able to pass arbitrary script or HTML which will take effect on Profile page afterwards. Example: after submitting special script that returns cookie information from Query page, malicious user may obtain this information from Profile page afterwards. | |||||
CVE-2014-0043 | 1 Apache | 1 Wicket | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use. | |||||
CVE-2017-3154 | 1 Apache | 1 Atlas | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information. | |||||
CVE-2017-9800 | 1 Apache | 1 Subversion | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. | |||||
CVE-2016-6793 | 1 Apache | 1 Wicket | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object. |