Vulnerabilities > Apache
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-07-31 | CVE-2013-4131 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apache Subversion The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root. | 4.0 |
2013-07-31 | CVE-2013-2189 | Out-of-bounds Write vulnerability in Apache Openoffice Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file. | 6.8 |
2013-07-31 | CVE-2013-2112 | Remote Denial of Service vulnerability in Apache Subversion The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote attackers to cause a denial of service (exit) by aborting a connection. | 7.8 |
2013-07-31 | CVE-2013-2088 | Improper Input Validation vulnerability in multiple products contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename. | 7.1 |
2013-07-31 | CVE-2013-1968 | Remote Denial of Service vulnerability in Apache Subversion Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authenticated users to cause a denial of service (FSFS repository corruption) via a newline character in a file name. | 5.5 |
2013-07-20 | CVE-2013-2251 | Improper Input Validation vulnerability in Apache Struts Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix. | 9.3 |
2013-07-20 | CVE-2013-2248 | Improper Input Validation vulnerability in Apache Struts Multiple open redirect vulnerabilities in Apache Struts 2.0.0 through 2.3.15 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in a parameter using the (1) redirect: or (2) redirectAction: prefix. | 5.8 |
2013-07-20 | CVE-2013-1879 | Cross-Site Scripting vulnerability in Apache Activemq Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving the "cron of a message." | 4.3 |
2013-07-16 | CVE-2013-2135 | Code Injection vulnerability in Apache Struts Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice. | 9.3 |
2013-07-16 | CVE-2013-2134 | Code Injection vulnerability in Apache Struts Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135. | 9.3 |