Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2016-6807

Summary
Assigner-apache
Assigner Org ID-f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At-28 Mar, 2017 | 20:00
Updated At-06 Aug, 2024 | 01:43
Rejected At-
Credits

Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:apache
Assigner Org ID:f0158376-9dc2-43b6-827c-5f631a4d8d09
Published At:28 Mar, 2017 | 20:00
Updated At:06 Aug, 2024 | 01:43
Rejected At:
▼CVE Numbering Authority (CNA)

Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.

Affected Products
Vendor
The Apache Software FoundationApache Software Foundation
Product
Apache Ambari
Versions
Affected
  • 2.4.x before 2.4.2
Problem Types
TypeCWE IDDescription
textN/Amissing authorization check
Type: text
CWE ID: N/A
Description: missing authorization check
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/97184
vdb-entry
x_refsource_BID
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/97184
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/97184
vdb-entry
x_refsource_BID
x_transferred
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/97184
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@apache.org
Published At:28 Mar, 2017 | 20:59
Updated At:20 Apr, 2025 | 01:37

Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches

The Apache Software Foundation
apache
>>ambari>>2.4.0
cpe:2.3:a:apache:ambari:2.4.0:*:*:*:*:*:*:*
The Apache Software Foundation
apache
>>ambari>>2.4.1
cpe:2.3:a:apache:ambari:2.4.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-284Primarynvd@nist.gov
CWE ID: CWE-284
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.securityfocus.com/bid/97184security@apache.org
Third Party Advisory
VDB Entry
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2security@apache.org
Release Notes
Vendor Advisory
http://www.securityfocus.com/bid/97184af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2af854a3a-2127-422b-91ae-364da2661108
Release Notes
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97184
Source: security@apache.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
Source: security@apache.org
Resource:
Release Notes
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/97184
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://cwiki.apache.org/confluence/display/AMBARI/Ambari+Vulnerabilities#AmbariVulnerabilities-FixedinAmbari2.4.2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Release Notes
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

515Records found

CVE-2008-2384
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-4.25% / 88.36%
||
7 Day CHG~0.00%
Published-22 Jan, 2009 | 18:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql (aka libapache2-mod-auth-mysql) module for the Apache HTTP Server 2.x, when configured to use a multibyte character set that allows a \ (backslash) as part of the character encoding, allows remote attackers to execute arbitrary SQL commands via unspecified inputs in a login request.

Action-Not Available
Vendor-joey_schulzen/aThe Apache Software Foundation
Product-http_servermod_auth_mysqln/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-17200
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.97% / 85.98%
||
7 Day CHG~0.00%
Published-11 Sep, 2019 | 20:22
Updated-05 Aug, 2024 | 10:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. This service takes the `serviceContent` parameter in the request and deserializes it using XStream. This `XStream` instance is slightly guarded by disabling the creation of `ProcessBuilder`. However, this can be easily bypassed (and in multiple ways). Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16 r1850017+1850019

Action-Not Available
Vendor-The Apache Software Foundation
Product-ofbizOFBiz
CVE-2015-7521
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.3||HIGH
EPSS-0.40% / 60.13%
||
7 Day CHG~0.00%
Published-29 Jan, 2016 | 20:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The authorization framework in Apache Hive 1.0.0, 1.0.1, 1.1.0, 1.1.1, 1.2.0 and 1.2.1, on clusters protected by Ranger and SqlStdHiveAuthorization, allows attackers to bypass intended parent table access restrictions via unspecified partition-level operations.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-hiven/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-1309
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.86% / 85.72%
||
7 Day CHG~0.00%
Published-23 May, 2018 | 14:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior 1.x release should upgrade to the appropriate release.

Action-Not Available
Vendor-The Apache Software Foundation
Product-nifiApache NiFi
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2018-1287
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-1.98% / 82.82%
||
7 Day CHG~0.00%
Published-14 Feb, 2018 | 14:00
Updated-17 Sep, 2024 | 03:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache JMeter 2.X and 3.X, when using Distributed Test only (RMI based), jmeter server binds RMI Registry to wildcard host. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

Action-Not Available
Vendor-The Apache Software Foundation
Product-jmeterApache JMeter
CVE-2018-1282
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.99%
||
7 Day CHG~0.00%
Published-05 Apr, 2018 | 13:00
Updated-16 Sep, 2024 | 23:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.

Action-Not Available
Vendor-The Apache Software Foundation
Product-hiveApache Hive
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-1297
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-23.19% / 95.72%
||
7 Day CHG-0.89%
Published-13 Feb, 2018 | 12:00
Updated-17 Sep, 2024 | 03:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized code.

Action-Not Available
Vendor-The Apache Software Foundation
Product-jmeterApache JMeter
CWE ID-CWE-319
Cleartext Transmission of Sensitive Information
CVE-2015-6420
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-14.78% / 94.25%
||
7 Day CHG~0.00%
Published-15 Dec, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-commons_collectionsn/a
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2018-1290
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.62% / 68.98%
||
7 Day CHG~0.00%
Published-20 Apr, 2018 | 18:00
Updated-16 Sep, 2024 | 22:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, Using a single quotation escape with two continuous SQL parameters can cause a SQL injection. This could be done in Methods like retrieveAuditEntries of AuditsApiResource Class and retrieveCommands of MakercheckersApiResource Class.

Action-Not Available
Vendor-The Apache Software Foundation
Product-fineractApache Fineract
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-11788
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-24.75% / 95.93%
||
7 Day CHG~0.00%
Published-07 Jan, 2019 | 16:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XXE. This is a potential security risk as an user can inject external XML entities in Apache Karaf version prior to 4.1.7 or 4.2.2. It has been fixed in Apache Karaf 4.1.7 and 4.2.2 releases.

Action-Not Available
Vendor-The Apache Software Foundation
Product-karafApache Karaf
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2018-11756
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-5.24% / 89.59%
||
7 Day CHG~0.00%
Published-23 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

Action-Not Available
Vendor-The Apache Software FoundationThe PHP Group
Product-phpopenwhiskPHP Runtime for Apache OpenWhisk
CVE-2018-11801
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-3.32% / 86.76%
||
7 Day CHG~0.00%
Published-11 Jun, 2019 | 16:43
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on a m_center data related table.

Action-Not Available
Vendor-The Apache Software Foundation
Product-fineractApache Fineract
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2007-6258
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-7.5||HIGH
EPSS-39.48% / 97.20%
||
7 Day CHG~0.00%
Published-18 Feb, 2008 | 23:00
Updated-07 Aug, 2024 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the legacy mod_jk2 2.0.3-DEV and earlier Apache module allow remote attackers to execute arbitrary code via a long (1) Host header, or (2) Hostname within a Host header.

Action-Not Available
Vendor-n/aF5, Inc.The Apache Software Foundation
Product-mod_jkbig-ipn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.71% / 71.30%
||
7 Day CHG~0.00%
Published-03 Nov, 2007 | 00:00
Updated-07 Aug, 2024 | 15:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQLLoginModule in Apache Geronimo 2.0 through 2.1 does not throw an exception for a nonexistent username, which allows remote attackers to bypass authentication via a login attempt with any username not contained in the database.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-geronimon/a
CWE ID-CWE-287
Improper Authentication
CVE-2018-11800
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-3.32% / 86.76%
||
7 Day CHG~0.00%
Published-11 Jun, 2019 | 16:42
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerability in Apache Fineract before 1.3.0 allows attackers to execute arbitrary SQL commands via a query on the GroupSummaryCounts related table.

Action-Not Available
Vendor-The Apache Software Foundation
Product-fineractApache Fineract
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2018-11780
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-9.34% / 92.45%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 14:00
Updated-16 Sep, 2024 | 20:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.

Action-Not Available
Vendor-pdfinfo_projectCanonical Ltd.The Apache Software FoundationDebian GNU/Linux
Product-ubuntu_linuxpdfinfodebian_linuxspamassassinApache SpamAssassin
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-11792
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.55% / 66.97%
||
7 Day CHG~0.00%
Published-24 Oct, 2018 | 20:00
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically grant that user with ALL privilege on that table due to the privilege inherited from the database.

Action-Not Available
Vendor-The Apache Software Foundation
Product-impalaApache Impala
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2015-5254
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-80.39% / 99.09%
||
7 Day CHG~0.00%
Published-08 Jan, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.

Action-Not Available
Vendor-n/aThe Apache Software FoundationRed Hat, Inc.Fedora Project
Product-openshiftfedoraactivemqn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-3188
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-12.42% / 93.65%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-stormn/a
CVE-2015-5168
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.88% / 82.43%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5206.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-traffic_servern/a
CVE-2015-5206
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.90% / 82.51%
||
7 Day CHG~0.00%
Published-13 Sep, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x before 5.3.2 has unknown impact and attack vectors, a different vulnerability than CVE-2015-5168.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-traffic_servern/a
CVE-2015-5344
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-4.97% / 89.27%
||
7 Day CHG~0.00%
Published-03 Feb, 2016 | 15:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-cameln/a
CVE-2017-5642
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.77% / 72.52%
||
7 Day CHG~0.00%
Published-03 Apr, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with proper ACLs.

Action-Not Available
Vendor-The Apache Software Foundation
Product-ambariApache Ambari
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-29599
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.57%
||
7 Day CHG~0.00%
Published-23 May, 2022 | 10:25
Updated-03 Aug, 2024 | 06:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Commandline class shell injection vulnerabilities

In Apache Maven maven-shared-utils prior to version 3.3.3, the Commandline class can emit double-quoted strings without proper escaping, allowing shell injection attacks.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxmaven_shared_utilsApache Maven
CWE ID-CWE-116
Improper Encoding or Escaping of Output
CVE-2017-5645
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.01% / 99.89%
||
7 Day CHG~0.00%
Published-17 Apr, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

Action-Not Available
Vendor-Red Hat, Inc.The Apache Software FoundationOracle CorporationNetApp, Inc.
Product-flexcube_investor_servicingenterprise_linux_desktopinstantis_enterprisetrackfinancial_services_profitability_managementpeoplesoft_enterprise_fin_installsiebel_ui_frameworkmysql_enterprise_monitorcommunications_online_mediation_controlleroncommand_insightrapid_planningoncommand_api_servicesfinancial_services_loan_loss_forecasting_and_provisioningretail_service_backboneinsurance_rules_paletteapplication_testing_suitecommunications_pricing_design_centercommunications_messaging_serverenterprise_manager_base_platformendeca_information_discovery_studioretail_extract_transform_and_loadfinancial_services_behavior_detection_platforminsurance_calculation_enginejdeveloperenterprise_linux_server_tuspolicy_automation_connector_for_siebelfusion_middleware_mapviewerenterprise_manager_for_fusion_middlewareprimavera_gatewayfinancial_services_hedge_management_and_ifrs_valuationsutilities_advanced_spatial_and_operational_analyticsenterprise_linux_server_ausbanking_platformretail_integration_busconfiguration_managersnapcenterenterprise_manager_for_peoplesoftutilities_work_and_asset_managementfinancial_services_analytical_applications_infrastructureretail_advanced_inventory_planninggoldengatepolicy_automationfinancial_services_regulatory_reporting_with_agilereporterjd_edwards_enterpriseone_toolsstorage_automation_storeretail_predictive_application_servercommunications_network_integrityenterprise_manager_for_mysql_databaseapi_gatewayenterprise_linux_server_eusenterprise_linuxtape_library_acslspolicy_automation_for_mobile_devicessoa_suiteretail_open_commerce_platformidentity_manager_connectorbi_publisherinsurance_policy_administrationcommunications_webrtc_session_controllerweblogic_serveridentity_analyticscommunications_converged_application_server_-_service_controllerenterprise_linux_workstationidentity_management_suiteenterprise_linux_servertimesten_in-memory_databaselog4jcommunications_instant_messaging_serverservice_level_managerautovue_vuelink_integrationenterprise_manager_for_oracle_databasefuseretail_clearance_optimization_enginecommunications_service_brokercommunications_interactive_session_recorderfinancial_services_lending_and_leasingoncommand_workflow_automationenterprise_data_qualitygoldengate_application_adaptersin-memory_performance-driven_planningApache Log4j
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-28890
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.60% / 68.44%
||
7 Day CHG~0.00%
Published-05 May, 2022 | 08:40
Updated-03 Aug, 2024 | 06:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Processing external DTDs

A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.

Action-Not Available
Vendor-The Apache Software Foundation
Product-jenaApache Jena
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2017-9800
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-61.85% / 98.28%
||
7 Day CHG~0.00%
Published-11 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

Action-Not Available
Vendor-The Apache Software Foundation
Product-subversionApache Subversion
CWE ID-CWE-20
Improper Input Validation
CVE-2003-0993
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-13.90% / 94.06%
||
7 Day CHG~0.00%
Published-01 Sep, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-http_servern/a
CVE-2018-1337
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-2.91% / 85.85%
||
7 Day CHG~0.00%
Published-10 Jul, 2018 | 13:00
Updated-17 Sep, 2024 | 01:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache Directory LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request).

Action-Not Available
Vendor-The Apache Software Foundation
Product-directory_ldap_apiApache Directory
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2007-0774
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-86.75% / 99.39%
||
7 Day CHG~0.00%
Published-04 Mar, 2007 | 22:00
Updated-07 Aug, 2024 | 12:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a URI worker map routine.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-tomcat_jk_web_server_connectorn/a
CVE-2017-7676
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.89% / 74.60%
||
7 Day CHG~0.00%
Published-14 Jun, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Policy resource matcher in Apache Ranger before 0.7.1 ignores characters after '*' wildcard character - like my*test, test*.txt. This can result in unintended behavior.

Action-Not Available
Vendor-The Apache Software Foundation
Product-rangerApache Ranger
CWE ID-CWE-20
Improper Input Validation
CVE-2017-7679
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-57.47% / 98.07%
||
7 Day CHG-0.55%
Published-20 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.

Action-Not Available
Vendor-The Apache Software Foundation
Product-http_serverApache HTTP Server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-126
Buffer Over-read
CVE-2020-1953
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-10||CRITICAL
EPSS-2.73% / 85.39%
||
7 Day CHG~0.00%
Published-13 Mar, 2020 | 14:58
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this library. So if a YAML file was loaded from an untrusted source, it could therefore load and execute code out of the control of the host application.

Action-Not Available
Vendor-The Apache Software FoundationOracle Corporation
Product-commons_configurationdatabase_serverhealthcare_foundationApache Commons Configuration
CVE-2018-1285
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-49.02% / 97.69%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 16:41
Updated-05 Aug, 2024 | 03:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

Action-Not Available
Vendor-n/aNetApp, Inc.The Apache Software FoundationFedora ProjectOracle Corporation
Product-manageability_software_development_kitfedorahospitality_simphonyhospitality_opera_5application_testing_suitelog4netsnapcenterApache log4net
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2020-1959
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 81.26%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 12:25
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Server-Side Template Injection was identified in Apache Syncope prior to 2.1.6 enabling attackers to inject arbitrary Java EL expressions, leading to an unauthenticated Remote Code Execution (RCE) vulnerability. Apache Syncope uses Java Bean Validation (JSR 380) custom constraint validators. When building custom constraint violation error messages, they support different types of interpolation, including Java EL expressions. Therefore, if an attacker can inject arbitrary data in the error message template being passed, they will be able to run arbitrary Java code.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-syncopeApache Syncope
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2015-3253
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-52.46% / 97.84%
||
7 Day CHG~0.00%
Published-13 Aug, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.

Action-Not Available
Vendor-n/aThe Apache Software FoundationOracle Corporation
Product-retail_order_broker_cloud_serviceretail_service_backbonehealth_sciences_clinical_development_centerretail_store_inventory_managementgroovywebcenter_sitesn/a
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-1952
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-1.65% / 81.28%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 16:16
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.

Action-Not Available
Vendor-The Apache Software Foundation
Product-iotdbIoTDB
CWE ID-CWE-295
Improper Certificate Validation
CVE-2017-7673
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.18%
||
7 Day CHG~0.00%
Published-14 Jul, 2017 | 15:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache OpenMeetings 1.0.0 uses not very strong cryptographic storage, captcha is not used in registration and forget password dialogs and auth forms missing brute force protection.

Action-Not Available
Vendor-The Apache Software Foundation
Product-openmeetingsApache OpenMeetings
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2020-1947
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-88.98% / 99.50%
||
7 Day CHG~0.00%
Published-11 Mar, 2020 | 20:40
Updated-04 Aug, 2024 | 06:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unmarshal data to a Java type By using the YAML tag. Unmarshalling untrusted data can lead to security flaws of RCE.

Action-Not Available
Vendor-The Apache Software Foundation
Product-shardingsphereApache ShardingSphere(incubator)
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2015-3249
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.61% / 87.33%
||
7 Day CHG~0.00%
Published-30 Oct, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5.3.1 allows remote attackers to cause a denial of service (out-of-bounds access and daemon crash) or possibly execute arbitrary code via vectors related to the (1) frame_handlers array or (2) set_dynamic_table_size function.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-traffic_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2006-6588
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.60% / 85.06%
||
7 Day CHG~0.00%
Published-15 Dec, 2006 | 19:00
Updated-16 Sep, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) trusts the (1) dataResourceTypeId, (2) contentTypeId, and certain other hidden form fields, which allows remote attackers to create unauthorized types of content, modify content, or have other unknown impact.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-ofbizn/a
CVE-2020-1948
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-68.00% / 98.53%
||
7 Day CHG~0.00%
Published-14 Jul, 2020 | 13:11
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

This vulnerability can affect all Dubbo users stay on version 2.7.6 or lower. An attacker can send RPC requests with unrecognized service name or method name along with some malicious parameter payloads. When the malicious parameter is deserialized, it will execute some malicious code. More details can be found below.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-dubboApache Dubbo
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2015-3252
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.87% / 82.35%
||
7 Day CHG~0.00%
Published-08 Feb, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-cloudstackn/a
CVE-2018-1273
Matching Score-8
Assigner-Dell
ShareView Details
Matching Score-8
Assigner-Dell
CVSS Score-9.8||CRITICAL
EPSS-93.99% / 99.88%
||
7 Day CHG-0.02%
Published-11 Apr, 2018 | 13:00
Updated-30 Jul, 2025 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-04-15||Apply updates per vendor instructions.

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user (or attacker) can supply specially crafted request parameters against Spring Data REST backed HTTP resources or using Spring Data's projection-based request payload binding hat can lead to a remote code execution attack.

Action-Not Available
Vendor-VMware (Broadcom Inc.)The Apache Software FoundationOracle Corporation
Product-ignitespring_data_commonsspring_data_restfinancial_services_crime_and_compliance_management_studioSpring FrameworkSpring Data Commons
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2020-17530
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-94.39% / 99.97%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 01:11
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

Action-Not Available
Vendor-The Apache Software FoundationOracle Corporation
Product-communications_policy_managementfinancial_services_data_integration_hubcommunications_pricing_design_centerbusiness_intelligencestrutscommunications_diameter_intelligence_hubmysql_enterprise_monitorhospitality_opera_5Apache StrutsStruts
CWE ID-CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
CVE-2022-26612
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.18% / 39.33%
||
7 Day CHG-0.01%
Published-07 Apr, 2022 | 18:20
Updated-03 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arbitrary file write in FileUtil#unpackEntries on Windows

In Apache Hadoop, The unTar function uses unTarUsingJava function on Windows and the built-in tar utility on Unix and other OSes. As a result, a TAR entry may create a symlink under the expected extraction directory which points to an external directory. A subsequent TAR entry may extract an arbitrary file into the external directory using the symlink name. This however would be caught by the same targetDirPath check on Unix because of the getCanonicalPath call. However on Windows, getCanonicalPath doesn't resolve symbolic links, which bypasses the check. unpackEntries during TAR extraction follows symbolic links which allows writing outside expected base directory on Windows. This was addressed in Apache Hadoop 3.2.3

Action-Not Available
Vendor-The Apache Software FoundationMicrosoft Corporation
Product-windowshadoopApache Hadoop
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-11773
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-0.88% / 74.40%
||
7 Day CHG~0.00%
Published-29 Jul, 2019 | 18:11
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that function. The implementation of strtotime at the time the issue was discovered appeared to be resistant to a malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.

Action-Not Available
Vendor-The Apache Software Foundation
Product-virtual_computing_labVCL
CWE ID-CWE-20
Improper Input Validation
CVE-2015-1831
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-6.00% / 90.34%
||
7 Day CHG~0.00%
Published-16 Jul, 2015 | 14:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The default exclude patterns (excludeParams) in Apache Struts 2.3.20 allow remote attackers to "compromise internal state of an application" via unspecified vectors.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-strutsn/a
CVE-2020-1961
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-7.13% / 91.18%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 12:28
Updated-04 Aug, 2024 | 06:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability to Server-Side Template Injection on Mail templates for Apache Syncope 2.0.X releases prior to 2.0.15, 2.1.X releases prior to 2.1.6, enabling attackers to inject arbitrary JEXL expressions, leading to Remote Code Execution (RCE) was discovered.

Action-Not Available
Vendor-n/aThe Apache Software Foundation
Product-syncopeApache Syncope
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2020-17510
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-9.8||CRITICAL
EPSS-1.02% / 76.34%
||
7 Day CHG~0.00%
Published-05 Nov, 2020 | 20:17
Updated-04 Aug, 2024 | 14:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.

Action-Not Available
Vendor-n/aThe Apache Software FoundationDebian GNU/Linux
Product-shirodebian_linuxApache Shiro
CWE ID-CWE-287
Improper Authentication
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 10
  • 11
  • Next
Details not found