CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Apache : Security Vulnerabilities (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-5645 502 Exec Code 2017-04-17 2017-04-24
7.5
None Remote Low Not required Partial Partial Partial
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
2 CVE-2017-5638 20 Exec Code 2017-03-10 2017-05-26
10.0
None Remote Low Not required Complete Complete Complete
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type HTTP header, as exploited in the wild in March 2017.
3 CVE-2016-1000031 284 Exec Code 2016-10-25 2016-12-29
7.5
None Remote Low Not required Partial Partial Partial
Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution
4 CVE-2016-8751 79 Exec Code XSS 2017-06-14 2017-06-19
3.5
None Remote Medium Single system None Partial None
Apache Ranger before 0.6.is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies.
5 CVE-2016-8749 502 Exec Code 2017-03-28 2017-06-08
7.5
None Remote Low Not required Partial Partial Partial
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.
6 CVE-2016-8735 284 Exec Code 2017-04-06 2017-04-12
7.5
None Remote Low Not required Partial Partial Partial
Remote code execution is possible with Apache Tomcat before 6.0.48, 7.x before 7.0.73, 8.x before 8.0.39, 8.5.x before 8.5.7, and 9.x before 9.0.0.M12 if JmxRemoteLifecycleListener is used and an attacker can reach JMX ports. The issue exists because this listener wasn't updated for consistency with the CVE-2016-3427 Oracle patch that affected credential types.
7 CVE-2016-6809 502 Exec Code 2017-04-06 2017-04-12
7.5
None Remote Low Not required Partial Partial Partial
Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.
8 CVE-2016-6807 284 Exec Code 2017-03-28 2017-04-04
7.5
None Remote Low Not required Partial Partial Partial
Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process.
9 CVE-2016-4978 502 Exec Code 2016-09-27 2016-09-28
6.0
None Remote Medium Single system Partial Partial Partial
The getObject method of the javax.jms.ObjectMessage class in the (1) JMS Core client, (2) Artemis broker, and (3) Artemis REST component in Apache ActiveMQ Artemis before 1.4.0 might allow remote authenticated users with permission to send messages to the Artemis broker to deserialize arbitrary objects and execute arbitrary code by leveraging gadget classes being present on the Artemis classpath.
10 CVE-2016-4974 20 Exec Code 2016-07-13 2016-09-01
6.0
None Remote Medium Single system Partial Partial Partial
Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with permission to send messages to deserialize arbitrary objects and execute arbitrary code by leveraging a crafted serialized object in a JMS ObjectMessage that is handled by the getObject function.
11 CVE-2016-4438 20 Exec Code 2016-07-04 2016-10-06
7.5
None Remote Low Not required Partial Partial Partial
The REST plugin in Apache Struts 2 2.3.20 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression.
12 CVE-2016-4437 284 Exec Code Bypass 2016-06-07 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Apache Shiro before 1.2.5, when a cipher key has not been configured for the "remember me" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter.
13 CVE-2016-3087 20 Exec Code 2016-06-07 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
14 CVE-2016-3082 20 Exec Code 2016-04-26 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
XSLTResult in Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1 allows remote attackers to execute arbitrary code via the stylesheet location parameter.
15 CVE-2016-3081 77 Exec Code 2016-04-26 2016-11-30
9.3
None Remote Medium Not required Complete Complete Complete
Apache Struts 2.x before 2.3.20.2, 2.3.24.x before 2.3.24.2, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
16 CVE-2016-2174 89 Exec Code Sql 2016-06-13 2016-06-14
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the policy admin tool in Apache Ranger before 0.5.3 allows remote authenticated administrators to execute arbitrary SQL commands via the eventTime parameter to service/plugins/policies/eventTime.
17 CVE-2016-2170 20 Exec Code 2016-04-12 2016-12-02
7.5
None Remote Low Not required Partial Partial Partial
Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.
18 CVE-2016-1513 125 DoS Exec Code 2016-08-05 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
The Impress tool in Apache OpenOffice 4.1.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read or write) or execute arbitrary code via crafted MetaActions in an (1) ODP or (2) OTP file.
19 CVE-2016-1181 DoS Exec Code 2016-07-04 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899.
20 CVE-2016-0785 20 Exec Code 2016-04-12 2016-11-28
10.0
None Remote Low Not required Complete Complete Complete
Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation.
21 CVE-2016-0779 502 Exec Code 2017-04-11 2017-04-18
7.5
None Remote Low Not required Partial Partial Partial
The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote attackers to execute arbitrary code via a crafted serialized object.
22 CVE-2016-0760 284 Exec Code 2016-08-19 2016-08-22
6.5
None Remote Low Single system Partial Partial Partial
Multiple incomplete blacklist vulnerabilities in Apache Sentry before 1.7.0 allow remote authenticated users to execute arbitrary code via the (1) reflect, (2) reflect2, or (3) java_method Hive builtin functions.
23 CVE-2016-0729 119 DoS Exec Code Overflow Mem. Corr. 2016-04-07 2016-12-02
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in (1) internal/XMLReader.cpp, (2) util/XMLURL.cpp, and (3) util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service (segmentation fault or memory corruption) or possibly execute arbitrary code via a crafted document.
24 CVE-2016-0714 264 Exec Code Bypass 2016-02-24 2016-12-05
6.5
None Remote Low Single system Partial Partial Partial
The session-persistence implementation in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.31, and 9.x before 9.0.0.M2 mishandles session attributes, which allows remote authenticated users to bypass intended SecurityManager restrictions and execute arbitrary code in a privileged context via a web application that places a crafted object in a session.
25 CVE-2016-0710 89 Exec Code Sql 2016-04-11 2016-04-20
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in the User Manager service in Apache Jetspeed before 2.3.1 allow remote attackers to execute arbitrary SQL commands via the (1) role or (2) user parameter to services/usermanager/users/.
26 CVE-2016-0709 22 Exec Code Dir. Trav. 2016-04-11 2016-04-20
9.0
None Remote Low Single system Complete Complete Complete
Directory traversal vulnerability in the Import/Export function in the Portal Site Manager in Apache Jetspeed before 2.3.1 allows remote authenticated administrators to write to arbitrary files, and consequently execute arbitrary code, via a .. (dot dot) in a ZIP archive entry, as demonstrated by "../../webapps/x.jsp."
27 CVE-2015-7611 78 Exec Code 2016-06-07 2016-06-08
9.3
None Remote Medium Not required Complete Complete Complete
Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors.
28 CVE-2015-6420 Exec Code 2015-12-15 2017-02-16
7.5
None Remote Low Not required Partial Partial Partial
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
29 CVE-2015-5349 77 Exec Code 2016-04-11 2016-04-14
9.3
None Remote Medium Not required Complete Complete Complete
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a crafted LDAP entry that is interpreted as a formula when imported into a spreadsheet.
30 CVE-2015-5348 19 Exec Code 2016-04-15 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
31 CVE-2015-5344 19 Exec Code 2016-02-03 2016-11-28
7.5
None Remote Low Not required Partial Partial Partial
The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
32 CVE-2015-5343 119 DoS Exec Code Overflow 2016-04-14 2016-12-02
8.0
None Remote Low Single system Partial Partial Complete
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
33 CVE-2015-5259 119 Exec Code Overflow 2016-01-08 2016-11-28
9.0
None Remote Low Not required Partial Partial Complete
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
34 CVE-2015-5254 20 Exec Code 2016-01-08 2017-02-07
7.5
None Remote Low Not required Partial Partial Partial
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
35 CVE-2015-5214 119 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via an index to a non-existent bookmark in a DOC file.
36 CVE-2015-5213 189 DoS Exec Code Overflow Mem. Corr. 2015-11-10 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow.
37 CVE-2015-5212 189 DoS Exec Code Mem. Corr. 2015-11-10 2016-12-07
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configuration setting "Load printer settings with the document" is enabled, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted PrinterSetup data in an ODF document.
38 CVE-2015-3253 74 DoS Exec Code 2015-08-13 2016-12-05
7.5
None Remote Low Not required Partial Partial Partial
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object.
39 CVE-2015-3188 264 Exec Code 2017-01-13 2017-01-17
10.0
None Remote Low Not required Complete Complete Complete
The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified vectors.
40 CVE-2015-1774 119 DoS Exec Code Overflow 2015-04-28 2017-01-02
6.8
None Remote Medium Not required Partial Partial Partial
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write.
41 CVE-2015-0254 Exec Code 2015-03-09 2016-12-21
7.5
None Remote Low Not required Partial Partial Partial
Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.
42 CVE-2015-0225 77 Exec Code 2015-04-03 2016-12-23
7.5
None Remote Low Not required Partial Partial Partial
The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 through 2.1.3 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.
43 CVE-2014-3582 94 Exec Code 2017-03-29 2017-05-30
7.5
None Remote Low Not required Partial Partial Partial
In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the Ambari Server host while generating SSL certificates for hosts in an Ambari cluster.
44 CVE-2014-3524 Exec Code 2014-08-26 2017-01-06
9.3
None Remote Medium Not required Complete Complete Complete
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly have other unspecified impact via a crafted Calc spreadsheet.
45 CVE-2014-1972 399 DoS Exec Code 2015-08-22 2015-08-24
7.8
None Remote Low Not required None None Complete
Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource consumption) or execute arbitrary code via crafted serialized data.
46 CVE-2014-0226 362 1 DoS Exec Code Overflow +Info 2014-07-20 2017-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the mod_status module in the Apache HTTP Server before 2.4.10 allows remote attackers to cause a denial of service (heap-based buffer overflow), or possibly obtain sensitive credential information or execute arbitrary code, via a crafted request that triggers improper scoreboard handling within the status_handler function in modules/generators/mod_status.c and the lua_ap_scoreboard_worker function in modules/lua/lua_request.c.
47 CVE-2014-0114 20 Exec Code 2014-04-30 2017-01-06
7.5
None Remote Low Not required Partial Partial Partial
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.
48 CVE-2014-0113 264 Exec Code 2014-04-29 2017-01-06
7.5
None Remote Low Not required Partial Partial Partial
CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.
49 CVE-2014-0112 264 Exec Code 2014-04-29 2017-01-06
7.5
None Remote Low Not required Partial Partial Partial
ParametersInterceptor in Apache Struts before 2.3.16.2 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.
50 CVE-2014-0111 94 Exec Code 2014-04-17 2014-05-09
6.5
None Remote Low Single system Partial Partial Partial
Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, "derived schema definition," "user / role templates," and "account links of resource mappings."
Total number of vulnerabilities : 101   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.