Filtered by vendor Apache
Subscribe
Total
2238 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-6587 | 1 Apache | 1 Ofbiz | 2019-07-17 | 6.8 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the forum implementation in the ecommerce component in the Apache Open For Business Project (OFBiz) allows remote attackers to inject arbitrary web script or HTML by posting a message. | |||||
| CVE-2017-3157 | 3 Apache, Debian, Redhat | 8 Openoffice, Debian Linux, Enterprise Linux Desktop and 5 more | 2019-05-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back. | |||||
| CVE-2016-6793 | 1 Apache | 1 Wicket | 2019-05-06 | 6.4 MEDIUM | 9.1 CRITICAL |
| The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.17 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object. | |||||
| CVE-2016-8748 | 1 Apache | 1 Nifi | 2019-05-01 | 3.5 LOW | 5.4 MEDIUM |
| In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. The user supplied text was not being properly handled when added to the DOM. | |||||
| CVE-2016-4461 | 2 Apache, Netapp | 2 Struts, Oncommand Balance | 2019-05-01 | 9.0 HIGH | 8.8 HIGH |
| Apache Struts 2.x before 2.3.29 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-0785. | |||||
| CVE-2017-15707 | 3 Apache, Netapp, Oracle | 12 Struts, Oncommand Balance, Agile Plm Framework and 9 more | 2019-04-26 | 5.0 MEDIUM | 6.2 MEDIUM |
| In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. | |||||
| CVE-2016-8750 | 1 Apache | 1 Karaf | 2019-04-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. However, it did not encoding usernames properly and hence was vulnerable to LDAP injection attacks leading to a denial of service. | |||||
| CVE-2018-1321 | 1 Apache | 1 Syncope | 2019-04-25 | 6.5 MEDIUM | 7.2 HIGH |
| An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution. | |||||
| CVE-2018-8026 | 2 Apache, Netapp | 3 Solr, Snapcenter, Storage Automation Store | 2019-03-29 | 2.1 LOW | 5.5 MEDIUM |
| This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability. | |||||
| CVE-2018-1322 | 1 Apache | 1 Syncope | 2019-03-08 | 4.0 MEDIUM | 4.9 MEDIUM |
| An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11, 2.0.x before 2.0.8, and unsupported releases 1.0.x and 1.1.x which may be also affected, can recover sensitive security values using the fiql and orderby parameters. | |||||
| CVE-2018-1294 | 1 Apache | 1 Commons Email | 2019-03-07 | 5.0 MEDIUM | 7.5 HIGH |
| If a user of Apache Commons Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You can mitigate this vulnerability for older versions of Commons Email by stripping line-breaks from data, that will be passed to Email.setBounceAddress(String). | |||||
| CVE-2016-8736 | 1 Apache | 1 Openmeetings | 2019-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| Apache OpenMeetings before 3.1.2 is vulnerable to Remote Code Execution via RMI deserialization attack. | |||||
| CVE-2016-8751 | 1 Apache | 1 Ranger | 2019-03-01 | 3.5 LOW | 4.8 MEDIUM |
| Apache Ranger before 0.6.3 is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies. | |||||
| CVE-2018-1306 | 1 Apache | 1 Pluto | 2019-03-01 | 5.0 MEDIUM | 7.5 HIGH |
| The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information. | |||||
| CVE-2015-7520 | 1 Apache | 1 Wicket | 2019-02-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element. | |||||
| CVE-2018-11788 | 1 Apache | 1 Karaf | 2019-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XXE. This is a potential security risk as an user can inject external XML entities in Apache Karaf version prior to 4.1.7 or 4.2.2. It has been fixed in Apache Karaf 4.1.7 and 4.2.2 releases. | |||||
| CVE-2015-5343 | 2 Apache, Debian | 2 Subversion, Debian Linux | 2019-02-12 | 8.0 HIGH | 7.6 HIGH |
| Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow. | |||||
| CVE-2015-5347 | 1 Apache | 1 Wicket | 2019-02-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a ModalWindow title. | |||||
| CVE-2018-17193 | 1 Apache | 1 Nifi | 2019-02-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Mitigation: The fix to correctly parse and sanitize the request attribute value was applied on the Apache NiFi 1.8.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | |||||
| CVE-2018-17187 | 1 Apache | 1 Qpid Proton-j | 2019-01-31 | 5.8 MEDIUM | 7.4 HIGH |
| The Apache Qpid Proton-J transport includes an optional wrapper layer to perform TLS, enabled by use of the 'transport.ssl(...)' methods. Unless a verification mode was explicitly configured, client and server modes previously defaulted as documented to not verifying a peer certificate, with options to configure this explicitly or select a certificate verification mode with or without hostname verification being performed. The latter hostname verifying mode was not implemented in Apache Qpid Proton-J versions 0.3 to 0.29.0, with attempts to use it resulting in an exception. This left only the option to verify the certificate is trusted, leaving such a client vulnerable to Man In The Middle (MITM) attack. Uses of the Proton-J protocol engine which do not utilise the optional transport TLS wrapper are not impacted, e.g. usage within Qpid JMS. Uses of Proton-J utilising the optional transport TLS wrapper layer that wish to enable hostname verification must be upgraded to version 0.30.0 or later and utilise the VerifyMode#VERIFY_PEER_NAME configuration, which is now the default for client mode usage unless configured otherwise. | |||||