Vulnerabilities > Apache > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-7681 | SQL Injection vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 is vulnerable to SQL injection. | 8.8 |
| 2017-07-17 | CVE-2017-7680 | Unspecified vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file. | 7.5 |
| 2017-07-17 | CVE-2017-7666 | Cross-site Scripting vulnerability in Apache Openmeetings Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks. | 8.8 |
| 2017-07-17 | CVE-2015-0249 | Code Injection vulnerability in Apache Roller 5.1.0/5.1.1 The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users with admin privileges for a weblog to execute arbitrary Java code via crafted Velocity Text Language (aka VTL). | 7.2 |
| 2017-07-13 | CVE-2017-9789 | Use After Free vulnerability in Apache Http Server 2.4.26 When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour. | 7.5 |
| 2017-07-13 | CVE-2017-9787 | Unspecified vulnerability in Apache Struts When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. | 7.5 |
| 2017-07-10 | CVE-2017-5652 | Cleartext Transmission of Sensitive Information vulnerability in Apache Impala 2.7.0/2.8.0 During a routine security analysis, it was found that one of the ports in Apache Impala (incubating) 2.7.0 to 2.8.0 sent data in plaintext even when the cluster was configured to use TLS. | 7.5 |
| 2017-07-10 | CVE-2017-7670 | Resource Exhaustion vulnerability in Apache Traffic Control The Traffic Router component of the incubating Apache Traffic Control project is vulnerable to a Slowloris style Denial of Service attack. | 7.5 |
| 2017-07-07 | CVE-2017-7660 | Improper Authentication vulnerability in Apache Solr Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. | 7.5 |
| 2017-06-28 | CVE-2017-7686 | Information Exposure vulnerability in Apache Ignite Apache Ignite 1.0.0-RC3 to 2.0 uses an update notifier component to update the users about new project releases that include additional functionality, bug fixes and performance improvements. | 7.5 |