Vulnerabilities > Apache

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-07	CVE-2018-1340	Missing Encryption of Sensitive Data vulnerability in Apache Guacamole Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. network low complexity apache CWE-311	7.5
2019-02-07	CVE-2018-1296	Information Exposure vulnerability in Apache Hadoop In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent. network low complexity apache CWE-200	7.5
2019-02-05	CVE-2018-11803	Access of Uninitialized Pointer vulnerability in multiple products Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation. network low complexity apache canonical CWE-824	7.5
2019-02-04	CVE-2018-11760	Unspecified vulnerability in Apache Spark When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. local low complexity apache	5.5
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2018-11790	Incorrect Calculation vulnerability in multiple products When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. local low complexity apache canonical CWE-682	7.8
2019-01-30	CVE-2019-0190	A bug exists in the way mod_ssl handled client renegotiations. network low complexity apache oracle	7.5
2019-01-30	CVE-2018-17199	Session Fixation vulnerability in multiple products In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. network low complexity apache debian netapp canonical oracle CWE-384	7.5
2019-01-30	CVE-2018-17189	Resource Exhaustion vulnerability in multiple products In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data. network low complexity apache netapp fedoraproject debian oracle canonical redhat CWE-400	5.3
2019-01-23	CVE-2018-20245	Improper Certificate Validation vulnerability in Apache Airflow The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking. network low complexity apache CWE-295	7.5

Vulnerabilities > Apache {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Apache"}]}

Vulnerabilities > Apache