Vulnerabilities > Apache

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-24	CVE-2020-1935	HTTP Request Smuggling vulnerability in multiple products In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. network high complexity apache debian canonical opensuse netapp oracle CWE-444	4.8
2020-02-24	CVE-2019-17569	HTTP Request Smuggling vulnerability in multiple products The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. network high complexity apache opensuse netapp debian oracle CWE-444	4.8
2020-02-24	CVE-2020-1937	SQL Injection vulnerability in Apache Kylin Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries. network low complexity apache CWE-89	8.8
2020-02-18	CVE-2014-4651	Improper Input Validation vulnerability in Apache Jclouds 1.7.3 It was found that the jclouds scriptbuilder Statements class wrote a temporary file to a predictable location. network low complexity apache CWE-20 critical	9.8
2020-02-11	CVE-2020-1942	Information Exposure Through Log Files vulnerability in Apache Nifi In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. network low complexity apache CWE-532	7.5
2020-02-11	CVE-2020-5529	Improper Initialization vulnerability in multiple products HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. network high complexity htmlunit debian canonical apache CWE-665	8.1
2020-02-06	CVE-2019-12426	Unspecified vulnerability in Apache Ofbiz an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06 network low complexity apache	5.3
2020-01-30	CVE-2020-1931	OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. network high complexity apache CWE-78	8.1
2020-01-30	CVE-2020-1930	OS Command Injection vulnerability in Apache Spamassassin A command execution issue was found in Apache SpamAssassin prior to 3.4.3. network high complexity apache CWE-78	8.1
2020-01-29	CVE-2019-20445	HTTP Request Smuggling vulnerability in multiple products HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. network low complexity netty debian fedoraproject canonical redhat apache CWE-444 critical	9.1

Vulnerabilities > Apache {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Apache"}]}

Vulnerabilities > Apache