Filtered by vendor Apache
Subscribe
Search
Total
1894 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1282 | 1 Apache | 1 Hive | 2018-05-15 | 7.5 HIGH | 9.1 CRITICAL |
| This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation. | |||||
| CVE-2018-1284 | 1 Apache | 1 Hive | 2018-05-15 | 4.3 MEDIUM | 3.7 LOW |
| In Apache Hive 0.6.0 to 2.3.2, malicious user might use any xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to expose the content of a file on the machine running HiveServer2 owned by HiveServer2 user (usually hive) if hive.server2.enable.doAs=false. | |||||
| CVE-2016-6811 | 1 Apache | 1 Hadoop | 2018-05-10 | 9.0 HIGH | 8.8 HIGH |
| In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. | |||||
| CVE-2013-1768 | 1 Apache | 1 Openjpa | 2018-04-20 | 7.5 HIGH | N/A |
| The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs. | |||||
| CVE-2018-1316 | 1 Apache | 1 Ode | 2018-03-27 | 6.4 MEDIUM | 7.5 HIGH |
| The ODE process deployment web service was sensible to deployment messages with forged names. Using a path for the name was allowing directory traversal, resulting in the potential writing of files under unwanted locations, the overwriting of existing files or their deletion. This issue was addressed in Apache ODE 1.3.3 which was released in 2009, however the incorrect name CVE-2008-2370 was used on the advisory by mistake. | |||||
| CVE-2017-15692 | 1 Apache | 1 Geode | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data. If an unprivileged user gains access to the Geode locator, they may be able to cause remote code execution if certain classes are present on the classpath. | |||||
| CVE-2017-15693 | 1 Apache | 1 Geode | 2018-03-23 | 6.0 MEDIUM | 7.5 HIGH |
| In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remote code execution if certain classes are present on the classpath. | |||||
| CVE-2017-7671 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump. | |||||
| CVE-2017-5660 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2018-03-21 | 5.0 MEDIUM | 8.6 HIGH |
| There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding. This can have issues when interacting with upstream proxies and the wrong host being used. | |||||
| CVE-2009-4267 | 1 Apache | 1 Juddi | 2018-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter. | |||||
| CVE-2015-0203 | 1 Apache | 1 Qpid | 2018-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach. | |||||
| CVE-2017-15696 | 1 Apache | 1 Geode | 2018-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator to extract configuration data and previously deployed application code. | |||||
| CVE-2012-3536 | 1 Apache | 1 Hupa | 2018-03-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. An attacker could send a carefully crafted email to a user of Hupa which would trigger a XSS when the email was opened or when a list of messages were viewed. This issue was addressed in Hupa 0.0.3. | |||||
| CVE-2017-15712 | 1 Apache | 1 Oozie | 2018-03-16 | 6.8 MEDIUM | 6.5 MEDIUM |
| Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. The malicious user can construct a workflow XML file containing XML directives and configuration that reference sensitive files on the Oozie server host. | |||||
| CVE-2017-15699 | 1 Apache | 2 Qpid Dispatch, Qpid Dispatch Firmware | 2018-03-15 | 6.8 MEDIUM | 6.5 MEDIUM |
| A Denial of Service vulnerability was found in Apache Qpid Dispatch Router versions 0.7.0 and 0.8.0. To exploit this vulnerability, a remote user must be able to establish an AMQP connection to the Qpid Dispatch Router and send a specifically crafted AMQP frame which will cause it to segfault and shut down. | |||||
| CVE-2016-8742 | 2 Apache, Microsoft | 2 Couchdb, Windows | 2018-03-14 | 7.2 HIGH | 7.8 HIGH |
| The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB batch or binary files. A subsequent service or server restart will then run that binary with administrator privilege. This issue affected CouchDB 2.0.0 (Windows platform only) and was addressed in CouchDB 2.0.0.1. | |||||
| CVE-2016-6813 | 1 Apache | 1 Cloudstack | 2018-03-13 | 7.5 HIGH | 9.8 CRITICAL |
| Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-"root") CloudStack user, the malicious user may be able to reset the API keys for the other user, in turn accessing their account and resources. | |||||
| CVE-2018-1299 | 1 Apache | 1 Allura | 2018-03-13 | 5.0 MEDIUM | 7.5 HIGH |
| In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application. Some webservers used with Allura, such as Nginx, Apache/mod_wsgi or paster may prevent the attack from succeeding. Others, such as gunicorn do not prevent it and leave Allura vulnerable. | |||||
| CVE-2018-1298 | 1 Apache | 1 Qpid Broker-j | 2018-03-10 | 4.3 MEDIUM | 5.9 MEDIUM |
| A Denial of Service vulnerability was found in Apache Qpid Broker-J 7.0.0 in functionality for authentication of connections for AMQP protocols 0-8, 0-9, 0-91 and 0-10 when PLAIN or XOAUTH2 SASL mechanism is used. The vulnerability allows unauthenticated attacker to crash the broker instance. AMQP 1.0 and HTTP connections are not affected. An authentication of incoming AMQP connections in Apache Qpid Broker-J is performed by special entities called "Authentication Providers". Each Authentication Provider can support several SASL mechanisms which are offered to the connecting clients as part of SASL negotiation process. The client chooses the most appropriate SASL mechanism for authentication. Authentication Providers of following types supports PLAIN SASL mechanism: Plain, PlainPasswordFile, SimpleLDAP, Base64MD5PasswordFile, MD5, SCRAM-SHA-256, SCRAM-SHA-1. XOAUTH2 SASL mechanism is supported by Authentication Providers of type OAuth2. If an AMQP port is configured with any of these Authentication Providers, the Broker may be vulnerable. | |||||
| CVE-2018-1307 | 1 Apache | 1 Juddi | 2018-03-08 | 6.8 MEDIUM | 8.1 HIGH |
| In Apache jUDDI 3.2 through 3.3.4, if using the WADL2Java or WSDL2Java classes, which parse a local or remote XML document and then mediates the data structures into UDDI data structures, there are little protections present against entity expansion and DTD type of attacks. Mitigation is to use 3.3.5. | |||||
| CVE-2013-4317 | 1 Apache | 1 Cloudstack | 2018-02-26 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own. | |||||
| CVE-2017-12632 | 1 Apache | 1 Nifi | 2018-02-13 | 5.0 MEDIUM | 7.5 HIGH |
| A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and compare to a controlled whitelist was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | |||||
| CVE-2017-15697 | 1 Apache | 1 Nifi | 2018-02-12 | 7.5 HIGH | 9.8 CRITICAL |
| A malicious X-ProxyContextPath or X-Forwarded-Context header containing external resources or embedded code could cause remote code execution. The fix to properly handle these headers was applied on the Apache NiFi 1.5.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | |||||
| CVE-2017-15703 | 1 Apache | 1 Nifi | 2018-02-12 | 3.5 LOW | 5.0 MEDIUM |
| Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a denial of service via Java deserialization attack. The fix to properly handle Java deserialization was applied on the Apache NiFi 1.4.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | |||||
| CVE-2017-15713 | 1 Apache | 1 Hadoop | 2018-02-06 | 4.0 MEDIUM | 6.5 MEDIUM |
| Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host. | |||||
| CVE-2017-3158 | 1 Apache | 1 Guacamole | 2018-02-05 | 6.8 MEDIUM | 8.1 HIGH |
| A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap. Such overlapping writes could cause packet data to be misread as the packet length, resulting in the remaining data being written beyond the end of a statically-allocated buffer. | |||||
| CVE-2012-3353 | 1 Apache | 1 Sling Jcr Contentloader | 2018-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks. Users should upgrade to version 2.1.6 of the JCR ContentLoader | |||||
| CVE-2017-15717 | 1 Apache | 2 Sling Xss Protection Api, Sling Xss Protection Api Compat | 2018-02-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads. The affected versions are Apache Sling XSS Protection API 1.0.4 to 1.0.18, Apache Sling XSS Protection API Compat 1.1.0 and Apache Sling XSS Protection API 2.0.0. | |||||
| CVE-2017-9796 | 1 Apache | 1 Geode | 2018-02-02 | 3.5 LOW | 5.3 MEDIUM |
| When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions. | |||||
| CVE-2017-12622 | 1 Apache | 1 Geode | 2018-02-01 | 5.5 MEDIUM | 7.1 HIGH |
| When an Apache Geode cluster before v1.3.0 is operating in secure mode and an authenticated user connects to a Geode cluster using the gfsh tool with HTTP, the user is able to obtain status information and control cluster members even without CLUSTER:MANAGE privileges. | |||||
| CVE-2017-15714 | 1 Apache | 1 Ofbiz | 2018-01-24 | 7.5 HIGH | 9.8 CRITICAL |
| The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute. | |||||
| CVE-2017-5663 | 1 Apache | 1 Fineract | 2018-01-12 | 6.5 MEDIUM | 8.8 HIGH |
| In Apache Fineract 0.4.0-incubating, 0.5.0-incubating, and 0.6.0-incubating, an authenticated user with client/loan/center/staff/group read permissions is able to inject malicious SQL into SELECT queries. The 'sqlSearch' parameter on a number of endpoints is not sanitized and appended directly to the query. | |||||
| CVE-2007-6750 | 1 Apache | 1 Http Server | 2018-01-10 | 5.0 MEDIUM | N/A |
| The Apache HTTP Server 1.x and 2.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris, related to the lack of the mod_reqtimeout module in versions before 2.2.15. | |||||
| CVE-2011-4858 | 1 Apache | 1 Tomcat | 2018-01-09 | 5.0 MEDIUM | N/A |
| Apache Tomcat before 5.5.35, 6.x before 6.0.35, and 7.x before 7.0.23 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. | |||||
| CVE-2011-1928 | 1 Apache | 2 Apr-util, Http Server | 2018-01-06 | 4.3 MEDIUM | N/A |
| The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified types of wildcard patterns, as demonstrated by attacks against mod_autoindex in httpd when a /*/WEB-INF/ configuration pattern is used. NOTE: this issue exists because of an incorrect fix for CVE-2011-0419. | |||||
| CVE-2017-15700 | 1 Apache | 1 Sling Authentication Service | 2018-01-05 | 4.3 MEDIUM | 8.8 HIGH |
| A flaw in the org.apache.sling.auth.core.AuthUtil#isRedirectValid method in Apache Sling Authentication Service 1.4.0 allows an attacker, through the Sling login form, to trick a victim to send over their credentials. | |||||
| CVE-2017-12630 | 1 Apache | 1 Drill | 2018-01-05 | 3.5 LOW | 5.4 MEDIUM |
| In Apache Drill 1.11.0 and earlier when submitting form from Query page users are able to pass arbitrary script or HTML which will take effect on Profile page afterwards. Example: after submitting special script that returns cookie information from Query page, malicious user may obtain this information from Profile page afterwards. | |||||
| CVE-2016-6325 | 2 Apache, Redhat | 11 Tomcat, Enterprise Linux, Enterprise Linux Desktop and 8 more | 2018-01-05 | 7.2 HIGH | 7.8 HIGH |
| The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group. | |||||
| CVE-2015-3254 | 1 Apache | 1 Thrift | 2018-01-05 | 4.0 MEDIUM | 6.5 MEDIUM |
| The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function. | |||||
| CVE-2012-6153 | 1 Apache | 1 Commons-httpclient | 2018-01-05 | 4.3 MEDIUM | N/A |
| http/conn/ssl/AbstractVerifier.java in Apache Commons HttpClient before 4.2.3 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a certificate with a subject that specifies a common name in a field that is not the CN field. NOTE: this issue exists because of an incomplete fix for CVE-2012-5783. | |||||
| CVE-2015-0223 | 1 Apache | 1 Qpid | 2018-01-05 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access restrictions on qpidd via unknown vectors, related to 0-10 connection handling. | |||||
| CVE-2011-3639 | 1 Apache | 10 Http Server, Http Server2.0a1, Http Server2.0a2 and 7 more | 2017-12-29 | 4.3 MEDIUM | N/A |
| The mod_proxy module in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x before 2.2.18, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers by using the HTTP/0.9 protocol with a malformed URI containing an initial @ (at sign) character. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368. | |||||
| CVE-2014-3250 | 3 Apache, Puppet, Redhat | 3 Http Server, Puppet, Linux | 2017-12-27 | 4.0 MEDIUM | 6.5 MEDIUM |
| The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certificate when a Puppet master runs with Apache 2.4. | |||||
| CVE-2014-2668 | 1 Apache | 1 Couchdb | 2017-12-16 | 5.0 MEDIUM | N/A |
| Apache CouchDB 1.5.0 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via the count parameter to /_uuids. | |||||
| CVE-2012-1089 | 1 Apache | 1 Wicket | 2017-12-13 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Apache Wicket 1.4.x before 1.4.20 and 1.5.x before 1.5.5 allows remote attackers to read arbitrary web-application files via a relative pathname in a URL for a Wicket resource that corresponds to a null package. | |||||
| CVE-2012-0047 | 1 Apache | 1 Wicket | 2017-12-06 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.20 allows remote attackers to inject arbitrary web script or HTML via the wicket:pageMapName parameter. | |||||
| CVE-2012-0840 | 1 Apache | 1 Portable Runtime | 2017-12-05 | 5.0 MEDIUM | N/A |
| tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | |||||
| CVE-2016-6803 | 2 Apache, Microsoft | 2 Openoffice, Windows | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. | |||||
| CVE-2009-1197 | 1 Apache | 1 Juddi | 2017-11-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp. | |||||
| CVE-2017-12625 | 1 Apache | 1 Hive | 2017-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables or views, e.g., using Apache Ranger. When a view is created over a given table, the policy enforcement does not happen correctly on the table for masked columns. | |||||