Vulnerabilities > Apache
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-07 | CVE-2015-3250 | Information Exposure vulnerability in Apache Directory Ldap API 1.0.0 Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors. | 7.5 |
| 2017-09-05 | CVE-2016-3086 | Information Exposure vulnerability in Apache Hadoop The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications. | 9.8 |
| 2017-08-30 | CVE-2016-5001 | Information Exposure vulnerability in Apache Hadoop This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. | 5.5 |
| 2017-08-30 | CVE-2016-6800 | Cross-site Scripting vulnerability in Apache Ofbiz The default configuration of the Apache OFBiz framework offers a blog functionality. | 6.1 |
| 2017-08-30 | CVE-2016-4462 | Improper Input Validation vulnerability in Apache Ofbiz By manipulating the URL parameter externalLoginKey, a malicious, logged in user could pass valid Freemarker directives to the Template Engine that are reflected on the webpage; a specially crafted Freemarker template could be used for remote code execution. | 8.8 |
| 2017-08-30 | CVE-2017-3163 | Path Traversal vulnerability in Apache Solr When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. | 7.5 |
| 2017-08-29 | CVE-2017-3155 | Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting. | 6.1 |
| 2017-08-29 | CVE-2017-3154 | Information Exposure vulnerability in Apache Atlas 0.6.0/0.7.0 Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information. | 7.5 |
| 2017-08-29 | CVE-2017-3153 | Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality. | 6.1 |
| 2017-08-29 | CVE-2017-3152 | Cross-site Scripting vulnerability in Apache Atlas 0.6.0/0.7.0 Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality. | 6.1 |