VIR Vulnerability Intelligence Relay

Search

Found 482 results in 184ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46718 medium 6.5 6.5 apache 2d ago Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended …
CVE-2026-41115 medium 4.3 4.3 apache 2d ago An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMER_GROUP_DESCRIBE (69) API validates the DESCRIBE operation on the GROUP resource instead…
CVE-2026-49328 medium 5.3 5.3 apache 3d ago Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal …
CVE-2026-49270 medium 5.9 5.9 debian debian apache 3d ago Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurabl…
CVE-2026-49267 medium 5.9 5.9 apache 3d ago Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used `[email] smtp_s…
CVE-2026-48726 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for `FabAuthManager` and `KeycloakAuthManager` …
CVE-2026-46764 medium 4.3 4.3 apache 3d ago The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the colle…
CVE-2026-46605 medium 4.3 4.3 debian debian apache 3d ago Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions. This issue affects Apa…
CVE-2026-45426 low 3.1 3.1 apache 3d ago Exploitation requires the attacker to already be an authenticated Airflow worker holding a valid Log-server JWT issued for at least one Dag. Apache Airflow's Log server authorized JWT tokens against …
CVE-2026-42360 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys inside a JSON template structure) to be by…
CVE-2026-42358 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered by secret-suffixed key names like `password`, `token`, `secret`, `api_key`) to be bypassed when the JSON valu…
CVE-2026-42253 medium 6.1 6.1 debian debian apache 3d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies …
CVE-2026-41017 medium 5.9 5.9 apache 3d ago Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy (e.g. nginx / Envoy …
CVE-2026-41014 medium 4.3 4.3 apache 3d ago The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerat…
CVE-2026-40963 low 3.1 3.1 apache 3d ago The structure_data endpoint in the Airflow UI returned external dependency graph nodes for linked Dags without checking whether the caller had read permission on those linked Dags. An authenticated U…
CVE-2026-40861 medium 6.5 6.5 apache 3d ago A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg…
CVE-2026-45192 medium 6.5 6.5 apache 3d ago A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connect…
CVE-2026-40914 medium 4.3 4.3 apache 7d ago A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routi…
CVE-2025-48977 medium 6.5 6.5 apache 7d ago Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This iss…
CVE-2026-40564 medium 6.5 6.5 apache 8d ago Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so th…
CVE-2026-48589 medium 5.4 5.4 FIX debian debian apache 9d ago Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value coul…
CVE-2026-44598 medium 5.4 5.4 FIX debian debian apache 9d ago With valid login credentials, URL Redirection to Untrusted Site ('Open Redirect'), Server-Side Request Forgery (SSRF) vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha…
CVE-2026-43828 medium 6.5 6.5 debian debian apache 9d ago Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommen…
CVE-2026-43827 medium 6.5 6.5 debian debian apache 9d ago Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1…
CVE-2026-42797 medium 4.9 4.9 apache 9d ago Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which a…
CVE-2026-46745 medium 5.3 5.3 apache 10d ago Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attackers to exfiltrate directory data or bypass authentication. Upgrade to apache…
CVE-2026-45249 medium 6.1 6.1 apache 10d ago A cross-site scripting (XSS) vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0,…
CVE-2026-44618 medium 5.3 5.3 apache 13d ago Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this is…
CVE-2026-45187 medium 6.5 6.5 apache 16d ago Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-35086 medium 6.5 6.5 apache 16d ago Improper Control of Generation of Code ('Code Injection') vulnerability in email services of Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to vers…
CVE-2026-31906 medium 6.1 6.1 apache 16d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrad…
CVE-2026-31388 medium 5.3 5.3 apache 16d ago Improper Access Control vulnerability in Apache OFBiz in multi-tenant deployments. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixe…
CVE-2026-31387 medium 5.3 5.3 apache 16d ago Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-31380 medium 6.5 6.5 apache 16d ago Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06…
CVE-2026-31379 medium 6.1 6.1 apache 16d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of…
CVE-2026-31378 medium 6.5 6.5 apache 16d ago Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-29220 medium 6.5 6.5 apache 16d ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to v…
CVE-2026-29207 medium 6.5 6.5 apache 16d ago Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24…
CVE-2026-45205 medium 5.3 5.3 FIX debian debian sles apache 21d ago Apache Commons Configuration: StackOverflowError for YAML input with cycles
CVE-2026-43514 low 3.7 3.7 FIX slesdebian debian apache 22d ago Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M…
CVE-2026-43826 medium 6.5 6.5 apache 24d ago The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embed…
CVE-2026-41018 medium 6.5 6.5 apache 24d ago Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the host URL
CVE-2025-69233 medium 5.3 5.3 apache 27d ago Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi…
CVE-2025-66171 medium 6.5 6.5 apache 27d ago The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e…
CVE-2025-66170 medium 6.5 6.5 apache 27d ago The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plug…
CVE-2026-43975 medium 6.5 6.5 apache 29d ago Apache Wicket has a Path Traversal issue
CVE-2026-42509 medium 6.1 6.1 apache 29d ago Apache Wicket has a Cross-site Scripting issue
CVE-2026-43868 medium 5.3 5.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability
CVE-2026-33523 medium 6.5 6.5 FIX debian debian sleswindows windows apache 1mo ago HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are rec…
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. …
CVE-2026-33006 medium 4.8 4.8 FIX debian debian sleswindows windows apache 1mo ago A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th…
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the…
CVE-2026-41016 medium 5.9 5.9 apache 1mo ago apache-airflow-providers-smtp: No certificate validation on SMTP STARTTLS connections in SMTP provider
CVE-2026-41607 medium 6.5 6.5 FIX slesdebian debian apache 1mo ago Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
CVE-2026-41606 medium 5.3 5.3 FIX slesdebian debian apache 1mo ago Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
CVE-2026-41081 medium 6.5 6.5 apache 1mo ago Apache Storm's Improper Handling of TLS Client Authentication Failure Leads to Anonymous Principal Assignment
CVE-2026-40557 medium 4.8 4.8 apache 1mo ago Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade
CVE-2026-40948 medium 5.4 5.4 apache 2mo ago The Keycloak authentication manager in `apache-airflow-providers-keycloak` did not generate or validate the OAuth 2.0 `state` parameter on the login / login-callback flow, and did not use PKCE. An at…
CVE-2026-34477 medium 5.9 5.9 FIX debian debian sles apache 2mo ago Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration
CVE-2025-61795 medium 5.3 5.3 FIX slesdebian debian apache 7mo ago Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded …
CVE-2023-48795 medium 5.9 5.9 FIX rhel rockydebian debian apacheopenbsdputty 3y ago The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from…
CVE-2013-1909 medium 5.8 apache 4y ago The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which al…
CVE-2021-44832 medium 6.6 6.6 FIX debian debian slesfedora fedora apacheoraclecisco 5y ago Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender wit…
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2020-9488 low 3.7 3.7 FIX debian debian sles oracleapacheqos 6y ago Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log mess…
CVE-2017-12630 medium 5.4 5.4 apache 9y ago Apache Drill vulnerable to Cross-site Scripting
CVE-2014-3250 medium 6.5 6.5 FIX debian debian puppetapache 9y ago The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certi…
CVE-2017-15707 medium 6.2 6.2 apachenetapporacle 9y ago Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
CVE-2017-3157 medium 5.5 5.5 FIX slesdebian debian rhel apache 9y ago By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrie…
CVE-2014-0219 medium 5.5 5.5 apache 9y ago Improper Input Validation in Apache Karaf
CVE-2017-12624 medium 5.5 5.5 apache 9y ago Improper Input Validation in Apache CXF
CVE-2017-12625 medium 4.3 4.3 apache 9y ago Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service
CVE-2012-5636 medium 6.1 6.1 apache 9y ago Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.22, 1.5.x before 1.5.10, and 6.x before 6.4.0 might allow remote attackers to inject arbitrary web script or HTML via vector…
CVE-2009-1198 medium 6.1 6.1 apache 9y ago Cross-site scripting (XSS) vulnerability in Apache jUDDI before 2.0 allows remote attackers to inject arbitrary web script or HTML via the dsname parameter to happyjuddi.jsp.
CVE-2009-1197 medium 5.3 5.3 apache 9y ago Apache jUDDI before 2.0 allows attackers to spoof entries in log files via vectors related to error logging of keys from uddiget.jsp.
CVE-2015-1835 medium 5.3 5.3 apache 9y ago Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables…
CVE-2017-12618 medium 4.7 4.7 FIX debian debian slesarch arch apache 9y ago Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A loc…
CVE-2010-5312 medium 6.1 6.1 FIX debian debianfedora fedora jqueryuinetappapache 9y ago Cross-site Scripting in jquery-ui
CVE-2016-8748 medium 5.4 5.4 apache 9y ago Cross-site Scripting in Apache NiFi
CVE-2016-8734 medium 6.5 6.5 FIX slesdebian debian apache 9y ago Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The a…
CVE-2016-6815 medium 6.5 6.5 apache 9y ago Moderate severity vulnerability that affects org.apache.ranger:ranger
CVE-2017-12623 medium 6.5 6.5 apache 9y ago XML External Entity Reference in Apache NiFi
CVE-2017-9792 medium 6.5 6.5 apache 9y ago In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" a…
CVE-2017-9797 medium 6.5 6.5 apache 9y ago Apache Geode vulnerable to Exposure of Sensitive Information
CVE-2014-0043 medium 5.3 5.3 apache 9y ago Apache Wicket allows attackers to check for third-party libraries
CVE-2017-9794 medium 4.3 4.3 apache 9y ago Apache Geode gfsh query vulnerability
CVE-2015-5169 medium 6.1 6.1 apache 9y ago Cross-site Scripting in Apache Struts
CVE-2016-8738 medium 5.9 5.9 apache 9y ago Apache Struts vulnerable to possible DoS attack when using URLValidator
CVE-2017-3165 medium 5.4 5.4 apache 9y ago Cross-site Scripting In Apache Brooklyn
CVE-2014-9635 medium 5.3 5.3 jenkinsapache 9y ago Jenkins HttpOnly flag not Set for session cookies
CVE-2014-9634 medium 5.3 5.3 jenkinsapache 9y ago Jenkins secure flag not set on session cookies
CVE-2016-5001 medium 5.5 5.5 apache 9y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
CVE-2016-6800 medium 6.1 6.1 apache 9y ago The default configuration of the Apache OFBiz framework offers a blog functionality. Different users are able to operate blogs which are related to specific parties. In the form field for the creatio…
CVE-2017-3155 medium 6.1 6.1 apache 9y ago Cross-site Scripting in Apache Atlas
CVE-2017-3153 medium 6.1 6.1 apache 9y ago Cross-site Scripting in Apache Atlas
CVE-2017-3152 medium 6.1 6.1 apache 9y ago Cross-site Scripting in Apache Atlas
CVE-2017-3151 medium 6.1 6.1 apache 9y ago Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality.
CVE-2017-3150 medium 6.1 6.1 apache 9y ago Insecure cookie storage in Apache Atlas
CVE-2017-9802 medium 6.1 6.1 apache 9y ago Improper Neutralization of Input During Web Page Generation Apache Sling Servlets Post