Vulnerabilities > Apache
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-18 | CVE-2014-4651 | Improper Input Validation vulnerability in Apache Jclouds 1.7.3 It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable location. | 7.5 |
2020-02-11 | CVE-2020-1942 | Information Exposure vulnerability in Apache Nifi In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. | 5.0 |
2020-02-11 | CVE-2020-5529 | Improper Initialization vulnerability in multiple products HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. | 8.1 |
2020-02-06 | CVE-2019-12426 | Unspecified vulnerability in Apache Ofbiz an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06 | 5.3 |
2020-01-30 | CVE-2020-1931 | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
2020-01-30 | CVE-2020-1930 | OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. | 8.1 |
2020-01-29 | CVE-2019-20445 | HTTP Request Smuggling vulnerability in multiple products HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. | 9.1 |
2020-01-28 | CVE-2020-1940 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Apache Jackrabbit OAK The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. | 7.5 |
2020-01-28 | CVE-2020-1933 | Cross-site Scripting vulnerability in Apache Nifi A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. | 4.3 |
2020-01-28 | CVE-2020-1932 | Information Exposure vulnerability in Apache Superset An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. | 4.0 |