Fournisseur Apache

Chronologie

Taper »

Produit »

Contre-mesures »

Exploitabilité »

Vecteur d'accès »

Authentification »

Interaction de l'utilisateur »

C3BM Index »

CVSSv3 Base »

CVSSv3 Temp »

VulDB »

NVD »

Fournisseur »

Research »

Exploiter 0 jour »

Exploiter aujourd'hui »

Exploiter le volume du marché »

🔴 CTI Activités »

Affected Products (242): APISIX (1), APISIX Dashboard (1), APR-util (2), ATS (1), Accumulo (1), ActiveMQ (28), ActiveMQ Artemis (5), ActiveMQ Client (2), Airflow (22), Allura (3), Ambari (14), Apache Test (1), Archiva (13), Arrow (2), AsterixDB (1), Atlas (9), Axis (5), Axis2 (6), Batik (5), Beam MongoDB Connector (1), Brooklyn (3), C (1), CXF (30), CXF Fediz (6), Calcite (1), Camel (19), Camel Mail (1), Cassandra (4), Cayenne (1), Chainsaw (1), CloudStack (13), Cocoon (2), Commons (1), Commons-compress (1), Commons-httpclient (2), Commons Beanutils (1), Commons Collections Library (1), Commons Components HttpClient (1), Commons Compress (2), Commons Configuration (1), Commons Email (1), Commons FileUpload (4), Commons IO (1), Continuum (1), Cordova (6), Cordova-Android (2), Cordova Android (1), Cordova File-Transfer Standalone Plugin (1), Cordova In-App-Browser Standalone Plugin (1), Cordova iOS (2), CouchDB (11), DeltaSpike-JSF (1), Derby (7), Directory LDAP API (1), Directory Studio (1), DolphinScheduler (1), Drill (1), DriverHive JDBC Driver (1), Druid (4), Dubbo (7), Engine (1), FOP (1), FileZilla (1), Fineract (9), Flex (1), Flex BlazeDS (1), Flink (3), Geode (11), Geode Cluster (1), Geronimo (10), Groovy (2), Guacamole (4), HBase (3), HTTP Server (241), Hadoop (27), Heron (1), Hive (9), HttpClient (3), Ignite (5), Impala (6), Incubator Superset (2), IoTDB (1), JMeter (2), JSPWiki (11), Jackrabbit (3), Jackrabbit Oak (1), Jakarta Slide (1), Jakarta Tomcat (5), James (4), James Server (1), JetSpeed (5), KNOX (1), Kafka (4), Karaf (7), Kylin (1), LDAP API (1), LDAP Studio (1), Libcloud (2), Log4j (1), Log4j SMTP Appender (1), MINA (1), MXNet (1), Maven (2), Mesos (6), Mod-gnutls (1), Mod Fcgid (2), Mod Jk (1), Mod Perl (1), Mod Python (1), MyFaces (3), MyFaces Core (2), MyFaces Tomahawk (1), MyFaces Trinidad (1), NetBeans (5), NiFi (25), Nutch (1), NuttX (4), ODE (1), OFBiz (20), ORC (1), Olingo (4), Oozie (3), Open For Business Project (8), OpenJPA (1), OpenMeetings (20), OpenNLP (1), OpenOffice (22), Open Office (1), Opentaps (1), Operating System (5), Ozone (1), PDFbox (8), POI (8), Pluto (1), Pony Mail (2), Portable Runtime (2), Portable Runtime APR (1), Portable Runtime Utility (1), Pulsar (1), Pulsar Manager (1), QPID (1), Qbid Java (1), Qpid (10), Qpid AMQP JMS Client (1), Qpid Broker-J (5), Qpid Broker for Java (1), Qpid Dispatch Router (1), Qpid Java (1), Qpid Proton (2), Qpid Proton-J Transport (1), RabbitMQ (2), Rampart-C (1), Ranger (14), Rave (1), RocketMQ (1), Roller (8), Sanselan (2), Santuario XML Security for Java (1), Sentry (2), ServiceComb-Java-Chassis (1), ShardingSphere (1), Shindig (1), Shiro (9), SkyWalking (2), Sling (7), Sling API (1), Sling JCR ContentLoader (1), Sling Servlets Post (1), Sling XSS Protection API (1), Solr (29), SpamAssassin (8), Spark (7), Standard Taglibs (1), Storm (8), Struts (86), Struts2 (1), Struts REST Plugin (1), Subversion (42), Superset (6), Synapse (1), Syncope (9), Syncope EndUser (1), Tapestry (8), Thrift (5), Thrift Java Client Library (1), Thrift Node.js Static Web Server (1), Tika (16), Tike (1), Tiles (1), TomEE (4), Tomcat (188), Tomcat Connectors (1), Tomcat JK ISAPI Connector (2), Tomcat JK Web Server Connector (2), Tomcat Native (2), Tomcat Native Connector (1), Tomcat Security Manager (1), Tomcat Servlet Engine (1), Traffic Control (3), Traffic Server (30), UIMA DUCC (1), Unomi (3), VCL (1), Velocity Engine (1), Velocity Tools (1), WSS4J (2), Wicket (15), Wink (1), XAMPP (2), XML-RPC (1), XML Security (1), XML Security for C++ (5), XML Security for Java (1), Xalan-Java (1), Xerces (1), Xerces-C (4), Xerces-C++ (5), Xerces2 (1), Xerces C++ (1), XmlGraphics Commons (1), Zeppelin (3), ZooKeper (1), Zookeeper (4), ant (2), axis2 (1), couchdb (1), expressions (1), httpd (1), jUDDI (4), jUDDI Console (1), jserv (1), libcloud (1), log4net (2), mod_auth_radius (1), mod_python (1), qpid (2), roller (1), uima-as (1), uimaDUCC (1), uimaFIT (1), uimaj (1), wicket-jquery-ui (1)

Link to Vendor Website: https://www.apache.org/

PubliéBaseTempVulnérabilitéProdExpConCTICVE
02/07/20214.34.3Apache Druid inputSource divulgation de l'informationInconnueNot DefinedOfficial Fix1.26CVE-2021-26920
30/06/20215.55.5Apache Traffic Server cachekey Plugin buffer overflowInconnueNot DefinedNot Defined0.06CVE-2021-35474
30/06/20216.46.4Apache Traffic Server HTTP2 dénie de serviceInconnueNot DefinedNot Defined0.06CVE-2021-32567
30/06/20216.46.4Apache Traffic Server HTTP2 dénie de serviceInconnueNot DefinedNot Defined0.11CVE-2021-32566
29/06/20215.55.5Apache Traffic Server Content-Length Header elévation de privilègesInconnueNot DefinedNot Defined0.00CVE-2021-32565
29/06/20215.45.4Apache Traffic Server Cache elévation de privilègesInconnueNot DefinedNot Defined0.00CVE-2021-27577
21/06/20216.36.0Apache NuttX Memory Allocation memalign buffer overflowInconnueNot DefinedOfficial Fix0.08CVE-2021-26461
16/06/20213.53.4Apache CXF JSON JsonMapObjectReaderWriter dénie de serviceApplication Server SoftwareNot DefinedOfficial Fix0.17CVE-2021-30468
16/06/20215.55.3Apache Chainsaw elévation de privilègesInconnueNot DefinedOfficial Fix0.08CVE-2020-9493
15/06/20215.35.1Apache HTTP Server mod_http2 dénie de serviceWeb ServerNot DefinedOfficial Fix0.06CVE-2021-31618
13/06/20213.53.5Apache PDFbox PDF File dénie de serviceInconnueNot DefinedNot Defined0.00CVE-2021-31812
13/06/20213.53.5Apache PDFbox dénie de serviceInconnueNot DefinedNot Defined0.06CVE-2021-31811
10/06/20214.34.1Apache HTTP Server dénie de serviceWeb ServerNot DefinedOfficial Fix0.75CVE-2020-13938
10/06/20215.65.4Apache HTTP Server MergeSlashes Remote Code ExecutionWeb ServerNot DefinedOfficial Fix0.23CVE-2021-30641
10/06/20217.37.0Apache HTTP Server mod_session buffer overflowWeb ServerNot DefinedOfficial Fix0.06CVE-2021-26691
10/06/20215.35.1Apache HTTP Server mod_session dénie de serviceWeb ServerNot DefinedOfficial Fix0.29CVE-2021-26690
10/06/20215.35.1Apache HTTP Server mod_proxy_http dénie de serviceWeb ServerNot DefinedOfficial Fix0.21CVE-2020-13950
10/06/20217.37.0Apache HTTP Server mod_proxy_wstunnel authentification faibleWeb ServerNot DefinedOfficial Fix0.16CVE-2019-17567
10/06/20215.65.4Apache HTTP Server mod_auth_digest buffer overflowWeb ServerNot DefinedOfficial Fix0.16CVE-2020-35452
09/06/20213.53.4Apache APISIX Dashboard divulgation de l'informationForum SoftwareNot DefinedOfficial Fix0.06CVE-2021-33190
02/06/20215.55.3Apache Dubbo Script Routing vulnérabilité inconnueInconnueNot DefinedOfficial Fix0.22CVE-2021-30181
02/06/20215.55.3Apache Dubbo Tag Routing vulnérabilité inconnueInconnueNot DefinedOfficial Fix0.57CVE-2021-30180
02/06/20215.55.3Apache Dubbo parseURL elévation de privilègesInconnueNot DefinedOfficial Fix0.09CVE-2021-25640
02/06/20216.36.0Apache Dubbo Java Reflection API elévation de privilègesInconnueNot DefinedOfficial Fix0.06CVE-2021-30179
02/06/20217.37.0Apache Dubbo Byte Preamble Flag elévation de privilègesInconnueNot DefinedOfficial Fix0.07CVE-2021-25641
28/05/20215.04.8Apache Fineract configureClient authentification faibleInconnueNot DefinedOfficial Fix0.05CVE-2020-17514
26/05/20215.05.0Apache Pulsar JWT authentification faibleInconnueNot DefinedNot Defined0.00CVE-2021-22160
26/05/20213.53.5Apache Wicket WebClientInfo dénie de serviceInconnueNot DefinedNot Defined0.00CVE-2021-23937
15/05/20214.34.3Apache Traffic Server Slicer Plugin dénie de serviceInconnueNot DefinedNot Defined0.06CVE-2021-27737
04/05/20215.55.3Apache Unomi Log elévation de privilègesInconnueNot DefinedOfficial Fix0.07CVE-2021-31164
02/05/20213.53.4Apache Airflow trigger cross site scriptingInconnueNot DefinedOfficial Fix0.06CVE-2021-28359
28/04/20213.53.5Apache Tapestry URL divulgation de l'informationInconnueNot DefinedNot Defined0.09CVE-2021-30638
28/04/20215.55.3Apache OFBiz elévation de privilègesInconnueNot DefinedOfficial Fix0.11CVE-2021-30128
28/04/20217.37.0Apache OFBiz elévation de privilègesInconnueNot DefinedOfficial Fix0.07CVE-2021-29200
27/04/20214.94.9Apache Superset External URL RedirectInconnueNot DefinedNot Defined0.00CVE-2021-28125
27/04/20216.36.0Apache Ozone elévation de privilègesInconnueNot DefinedOfficial Fix0.06CVE-2020-17517
23/04/20214.64.4Apache Maven Project Object Model vulnérabilité inconnueVersioning SoftwareNot DefinedOfficial Fix0.19CVE-2021-26291
16/04/20216.36.0Apache OpenOffice Hyperlink Remote Code ExecutionOffice Suite SoftwareNot DefinedOfficial Fix0.09CVE-2021-30245
15/04/20215.35.1Apache Tapestry AppModule.class elévation de privilègesInconnueNot DefinedOfficial Fix0.12CVE-2021-27850
13/04/20216.36.0Apache Solr ConfigurableInternodeAuthHadoopPlugin elévation de privilègesInconnueNot DefinedOfficial Fix0.17CVE-2021-29943
13/04/20215.55.3Apache Commons IO FileNameUtils.normalize directory traversalInconnueNot DefinedOfficial Fix0.00CVE-2021-29425
13/04/20213.53.4Apache Solr VMParamsAllAndReadonlyDigestZkACLProvider divulgation de l'informationInconnueNot DefinedOfficial Fix0.00CVE-2021-29262
13/04/20215.55.3Apache Solr replication elévation de privilègesInconnueNot DefinedOfficial Fix0.12CVE-2021-27905
02/04/20214.64.4Apache CXF JWT Token elévation de privilègesApplication Server SoftwareNot DefinedOfficial Fix0.06CVE-2021-22696
31/03/20214.54.3Apache Tika MP3Parser dénie de serviceInconnueNot DefinedOfficial Fix0.11CVE-2021-28657
30/03/20217.16.8Apache Druid JDBC elévation de privilègesInconnueNot DefinedOfficial Fix0.23CVE-2021-26919
26/03/20217.67.3Apache SpamAssassin Rule Configuration elévation de privilègesAnti-Spam SoftwareNot DefinedOfficial Fix0.07CVE-2020-1946
23/03/20218.07.7Apache OFBiz elévation de privilègesInconnueNot DefinedOfficial Fix0.08CVE-2021-26295
20/03/20214.54.5Apache PDFbox dénie de serviceInconnueNot DefinedNot Defined0.05CVE-2021-27906
20/03/20214.54.5Apache PDFbox PDF File dénie de serviceInconnueNot DefinedNot Defined0.05CVE-2021-27807

Want to stay up to date on a daily basis?

Enable the mail alert feature now!