Apache : Security Vulnerabilities, CVEs, Published In 2016 (Overflow) CVSS score >= 3
Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.
Max CVSS
8.1
EPSS Score
0.91%
Published
2016-09-21
Updated
2021-11-17
Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.
Max CVSS
7.5
EPSS Score
0.75%
Published
2016-07-08
Updated
2023-02-12
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server crash or memory consumption) and possibly execute arbitrary code via a skel-encoded request body, which triggers an out-of-bounds read and heap-based buffer overflow.
Max CVSS
8.0
EPSS Score
94.96%
Published
2016-04-14
Updated
2019-02-12
Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read.
Max CVSS
9.0
EPSS Score
94.36%
Published
2016-01-08
Updated
2017-07-01
4 vulnerabilities found