CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apache : Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2016-2171 264 2016-04-11 2016-04-14
6.4
None Remote Low Not required None Partial Partial
The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using Jetspeed Security, which allows remote attackers to (1) add, (2) edit, or (3) delete users via the REST API.
2 CVE-2016-0763 264 DoS Bypass 2016-02-24 2016-04-25
6.5
None Remote Low Single system Partial Partial Partial
The setGlobalContext method in org/apache/naming/factory/ResourceLinkFactory.java in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M3 does not consider whether ResourceLinkFactory.setGlobalContext callers are authorized, which allows remote authenticated users to bypass intended SecurityManager restrictions and read or write to arbitrary application data, or cause a denial of service (application disruption), via a web application that sets a crafted global context.
3 CVE-2016-0735 264 Bypass 2016-04-11 2016-04-19
6.5
None Remote Low Single system Partial Partial Partial
Apache Ranger 0.5.x before 0.5.2 allows remote authenticated users to bypass intended parent resource-level access restrictions by leveraging mishandling of a resource-level exclude policy.
4 CVE-2016-0714 264 Exec Code Bypass 2016-02-24 2016-04-25
6.5
None Remote Low Single system Partial Partial Partial
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
5 CVE-2015-5351 352 Bypass CSRF 2016-02-24 2016-04-25
6.8
None Remote Medium Not required Partial Partial Partial
The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 establish sessions and send CSRF tokens for arbitrary new requests, which allows remote attackers to bypass a CSRF protection mechanism by using a token.
6 CVE-2015-5348 19 Exec Code 2016-04-15 2016-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
7 CVE-2015-5346 2016-02-24 2016-04-25
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before 9.0.0.M2, when different session settings are used for deployments of multiple versions of the same web application, might allow remote attackers to hijack web sessions by leveraging use of a requestedSessionSSL field for an unintended request, related to CoyoteAdapter.java and Request.java.
8 CVE-2015-5214 119 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
9 CVE-2015-5213 189 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
10 CVE-2015-5212 189 DoS Exec Code Mem. Corr. 2015-11-10 2015-11-12
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
11 CVE-2015-3270 264 +Priv 2015-11-02 2015-11-03
6.5
None Remote Low Single system Partial Partial Partial
Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administrative privileges via unspecified vectors, possibly related to changing passwords.
12 CVE-2015-3252 255 2016-02-08 2016-02-12
6.0
None Remote Medium Single system Partial Partial Partial
Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server.
13 CVE-2015-1833 20 2015-05-29 2015-06-01
6.4
None Remote Low Not required Partial Partial None
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request.
14 CVE-2015-1774 119 DoS Exec Code Overflow 2015-04-28 2015-08-25
6.8
None Remote Medium Not required Partial Partial Partial
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
15 CVE-2015-0266 264 Bypass 2016-04-11 2016-04-13
6.5
None Remote Low Single system Partial Partial Partial
The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass intended access restrictions via direct access to module URLs.
16 CVE-2015-0250 DoS 2015-03-24 2016-03-29
6.4
None Remote Low Not required Partial None Partial
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
17 CVE-2014-7809 352 Bypass CSRF 2014-12-10 2015-07-30
6.8
None Remote Medium Not required Partial Partial Partial
Apache Struts 2.0.0 through 2.3.x before 2.3.20 uses predictable <s:token/> values, which allows remote attackers to bypass the CSRF protection mechanism.
18 CVE-2014-3500 17 2014-11-15 2014-11-17
6.4
None Remote Low Not required Partial Partial None
Apache Cordova Android before 3.5.1 allows remote attackers to change the start page via a crafted intent URL.
19 CVE-2014-0227 19 DoS 2015-02-15 2016-04-25
6.4
None Remote Low Not required None Partial Partial
java/org/apache/coyote/http11/filters/ChunkedInputFilter.java in Apache Tomcat 6.x before 6.0.42, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle attempts to continue reading data after an error has occurred, which allows remote attackers to conduct HTTP request smuggling attacks or cause a denial of service (resource consumption) by streaming data with malformed chunked transfer coding.
20 CVE-2014-0226 362 1 DoS Exec Code Overflow +Info 2014-07-20 2015-04-14
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
21 CVE-2014-0111 94 Exec Code 2014-04-17 2014-05-09
6.5
None Remote Low Single system Partial Partial Partial
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."
22 CVE-2013-6408 2013-12-07 2014-07-17
6.4
None Remote Low Not required Partial None Partial
The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.
23 CVE-2013-6407 2013-12-07 2014-07-17
6.4
None Remote Low Not required Partial None Partial
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
24 CVE-2013-6357 352 CSRF 2013-11-13 2013-11-14
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** Cross-site request forgery (CSRF) vulnerability in the Manager application in Apache Tomcat 5.5.25 and earlier allows remote attackers to hijack the authentication of administrators for requests that manipulate application deployment via the POST method, as demonstrated by a /manager/html/undeploy?path= URI. NOTE: the vendor disputes the significance of this report, stating that "the Apache Tomcat Security team has not accepted any reports of CSRF attacks against the Manager application ... as they require a reckless system administrator."
25 CVE-2013-4444 94 Exec Code 2014-09-11 2014-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Unrestricted file upload vulnerability in Apache Tomcat 7.x before 7.0.40, in certain situations involving outdated java.io.File code and a custom JMX configuration, allows remote attackers to execute arbitrary code by uploading and accessing a JSP file.
26 CVE-2013-4330 94 2013-10-04 2014-03-26
6.8
None Remote Medium Not required Partial Partial Partial
Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer.
27 CVE-2013-4212 94 1 2013-12-07 2013-12-09
6.8
None Remote Medium Not required Partial Partial Partial
Certain getText methods in the ActionSupport controller in Apache Roller before 5.0.2 allow remote attackers to execute arbitrary OGNL expressions via the first or second parameter, as demonstrated by the pageTitle parameter in the !getPageTitle sub-URL to roller-ui/login.rol, which uses a subclass of UIAction, aka "OGNL Injection."
28 CVE-2013-4156 119 DoS Overflow Mem. Corr. 2013-07-31 2013-07-31
6.8
None Remote Medium Not required Partial Partial Partial
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted element in an OOXML document file.
29 CVE-2013-3060 287 DoS +Info 2013-04-21 2014-02-06
6.4
None Remote Low Not required Partial None Partial
The web console in Apache ActiveMQ before 5.8.0 does not require authentication, which allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests.
30 CVE-2013-2189 119 DoS Overflow Mem. Corr. 2013-07-31 2013-07-31
6.8
None Remote Medium Not required Partial Partial Partial
Apache OpenOffice.org (OOo) before 4.0 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via invalid PLCF data in a DOC document file.
31 CVE-2013-2067 287 2013-06-01 2014-01-17
6.8
None Remote Medium Not required Partial Partial Partial
java/org/apache/catalina/authenticator/FormAuthenticator.java in the form authentication feature in Apache Tomcat 6.0.21 through 6.0.36 and 7.x before 7.0.33 does not properly handle the relationships between authentication requirements and sessions, which allows remote attackers to inject a request into a session by sending this request during completion of the login form, a variant of a session fixation attack.
32 CVE-2012-5649 94 Exec Code 2014-05-23 2014-05-29
6.8
None Remote Medium Not required Partial Partial Partial
Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.
33 CVE-2012-5575 310 2013-08-19 2013-10-30
6.4
None Remote Low Not required Partial Partial None
Apache CFX 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic algorithms than intended and makes it easier to decrypt communications, aka "XML Encryption backwards compatibility attack."
34 CVE-2012-5351 287 Bypass 2012-10-09 2013-02-13
6.4
None Remote Low Not required Partial Partial None
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability than CVE-2012-4418.
35 CVE-2012-4446 287 Bypass 2013-03-13 2013-03-19
6.8
None Remote Medium Not required Partial Partial Partial
The default configuration for Apache Qpid 0.20 and earlier, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote attackers to bypass authentication and have other unspecified impact via an AMQP request.
36 CVE-2012-4386 352 CSRF 2012-09-05 2012-09-06
6.8
None Remote Medium Not required Partial Partial Partial
The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.
37 CVE-2012-2380 352 CSRF 2012-06-26 2013-10-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.
38 CVE-2012-2334 189 DoS Exec Code Overflow 2012-06-19 2014-10-24
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in filter/source/msfilter/msdffimp.cxx in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the length of an Escher graphics record in a PowerPoint (.ppt) document, which triggers a buffer overflow.
39 CVE-2012-1574 310 2012-04-12 2012-12-05
6.5
None Remote Low Single system Partial Partial Partial
The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 through 0.20.205.0, 0.23.x before 0.23.2, and 1.0.x before 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin before 0.20.2+923.197, and other products, allows remote authenticated users to impersonate arbitrary cluster user accounts via unspecified vectors.
40 CVE-2012-0883 264 +Priv 2012-04-18 2013-09-17
6.9
None Local Medium Not required Complete Complete Complete
envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.
41 CVE-2012-0394 94 2 Exec Code 2012-01-08 2014-02-20
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself."
42 CVE-2012-0393 264 1 2012-01-08 2012-01-12
6.4
None Remote Low Not required None Partial Partial
The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.
43 CVE-2011-2329 264 Bypass 2011-06-02 2011-07-07
6.5
None Remote Low Single system Partial Partial Partial
The rampart_timestamp_token_validate function in util/rampart_timestamp_token.c in Apache Rampart/C 1.3.0 does not properly calculate the expiration of timestamp tokens, which allows remote attackers to bypass intended access restrictions by leveraging an expired token, a different vulnerability than CVE-2011-0730.
44 CVE-2011-1026 352 CSRF 2011-06-02 2011-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Apache Archiva 1.0 through 1.2.2, and 1.3.x before 1.3.5, allow remote attackers to hijack the authentication of administrators.
45 CVE-2010-4539 399 DoS 2011-01-07 2014-02-11
6.8
None Remote Low Single system None None Complete
The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.
46 CVE-2010-4408 79 +Priv XSS CSRF 2010-12-06 2010-12-15
6.8
None Remote Medium Not required Partial Partial Partial
Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of the administrator's password at the time of modifying a user account, which makes it easier for context-dependent attackers to gain privileges by leveraging a (1) unattended workstation or (2) cross-site request forgery (CSRF) vulnerability, a related issue to CVE-2010-3449.
47 CVE-2010-4312 16 2010-11-26 2010-11-29
6.4
None Remote Low Not required None Partial Partial
The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to hijack a session via script access to a cookie.
48 CVE-2010-3449 352 CSRF 2010-12-06 2011-02-19
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
49 CVE-2010-3315 16 Bypass 2010-10-04 2013-11-02
6.0
None Remote Medium Single system Partial Partial Partial
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
50 CVE-2010-2953 +Priv 2010-09-14 2010-09-14
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory.
Total number of vulnerabilities : 74   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.