VIR Vulnerability Intelligence Relay

Search

Found 573 results in 194ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-46718 medium 6.5 6.5 apache 2d ago Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache Calcite. This issue affects Apache Calcite: from 1.5.0 before 1.42. Users are recommended …
CVE-2026-41115 medium 4.3 4.3 apache 2d ago An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMER_GROUP_DESCRIBE (69) API validates the DESCRIBE operation on the GROUP resource instead…
CVE-2026-49328 medium 5.3 5.3 apache 3d ago Server-Side Request Forgery (SSRF) in the UrlImageConverter component of Apache Fesod (Incubating) fesod-sheet before 2.0.2-incubating allows attackers to cause outbound network requests to internal …
CVE-2026-49270 medium 5.9 5.9 debian debian apache 3d ago Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurabl…
CVE-2026-49267 medium 5.9 5.9 apache 3d ago Apache Airflow's EmailOperator and the underlying `airflow.utils.email` helpers established SMTP STARTTLS connections without verifying the remote certificate when the deployment used `[email] smtp_s…
CVE-2026-48726 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's auth manager logout handling left previously-issued JWT tokens valid after the user clicked logout in the UI: the logout flow for `FabAuthManager` and `KeycloakAuthManager` …
CVE-2026-46764 medium 4.3 4.3 apache 3d ago The Event Log detail endpoint `GET /api/v2/eventLogs/{event_log_id}` in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the colle…
CVE-2026-46605 medium 4.3 4.3 debian debian apache 3d ago Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions. This issue affects Apa…
CVE-2026-42360 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's rendered-template field handling caused nested sensitive-key masking (e.g. nested `password` / `token` / `secret` / `api_key` keys inside a JSON template structure) to be by…
CVE-2026-42358 medium 6.5 6.5 apache 3d ago A bug in Apache Airflow's Variable response masker caused nested-key redaction (triggered by secret-suffixed key names like `password`, `token`, `secret`, `api_key`) to be bypassed when the JSON valu…
CVE-2026-42253 medium 6.1 6.1 debian debian apache 3d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies …
CVE-2026-42252 critical 9.1 9.1 apache 3d ago Apache Airflow's official documentation at `core-concepts/dag-run.html` ("Passing Parameters when triggering Dags") showed a verbatim `BashOperator(bash_command="echo value: {{ dag_run.conf['conf1'] …
CVE-2026-41017 medium 5.9 5.9 apache 3d ago Apache Airflow's `JWTRefreshMiddleware` set the JWT auth cookie without the `Secure` flag, so deployments running the Airflow API server behind an HTTPS-terminating reverse proxy (e.g. nginx / Envoy …
CVE-2026-41014 medium 4.3 4.3 apache 3d ago The partitioned_dag_runs endpoints in the Airflow UI enforced only asset-level access control, not per-Dag authorization. An authenticated UI/API user with global Asset:read permission could enumerat…
CVE-2026-40861 medium 6.5 6.5 apache 3d ago A Dag author could either (a) create a symlink under their task's log directory pointing to an arbitrary file readable by the API server process (read-path attack — e.g. `/etc/passwd` or `airflow.cfg…
CVE-2026-45192 medium 6.5 6.5 apache 3d ago A bug in the GET `/api/v2/connections/{connection_id}` REST API endpoint in Apache Airflow allowed an authenticated UI/API user with Connection-read permission to retrieve secrets stored in a Connect…
CVE-2026-40914 medium 4.3 4.3 apache 7d ago A vulnerability exists in Apache Artemis whereby an application using the STOMP protocol with security credentials that grant either the consume or send permission on an address can augment the routi…
CVE-2025-48977 medium 6.5 6.5 apache 7d ago Relative Path Traversal vulnerability in Apache Ignite REST API. Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This iss…
CVE-2026-40564 medium 6.5 6.5 apache 9d ago Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so th…
CVE-2026-48589 medium 5.4 5.4 FIX debian debian apache 9d ago Apache Shiro’s Jakarta EE module used the HTTP Referer header in certain cases to issue redirect after a user login. In affected versions, insufficient validation of this client-controlled value coul…
CVE-2026-44598 medium 5.4 5.4 FIX debian debian apache 9d ago With valid login credentials, URL Redirection to Untrusted Site ('Open Redirect'), Server-Side Request Forgery (SSRF) vulnerability in Apache Shiro. This issue affects Apache Shiro from 2.0-alpha…
CVE-2026-43828 medium 6.5 6.5 debian debian apache 9d ago Default configurations of Apache Shiro send sensitive cookies in HTTPS session without 'Secure' attribute. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommen…
CVE-2026-43827 medium 6.5 6.5 debian debian apache 9d ago Default configurations of Apache Shiro have a session fixation vulnerability. This issue affects Apache Shiro from 1.0 to 2.1.0, and 3.0.0-alpha-1. Users are recommended to upgrade to version 2.1.1…
CVE-2026-42797 medium 4.9 4.9 apache 10d ago Exposure of Sensitive Information Through Data Queries vulnerability in Apache Syncope. An administrator with adequate entitlements for Derived Schemas can create a malicious JEXL expression which a…
CVE-2026-46745 medium 5.3 5.3 apache 10d ago Apache Airflow FAB Auth Manager contains an LDAP filter injection vulnerability (CWE-90) that allows unauthenticated attackers to exfiltrate directory data or bypass authentication. Upgrade to apache…
CVE-2026-45249 medium 6.1 6.1 apache 10d ago A cross-site scripting (XSS) vulnerability exists in Apache ECharts in the Lines series tooltip rendering logic. This issue affects Apache ECharts: from before 6.1.0. In versions prior to 6.1.0,…
CVE-2026-44930 critical 9.8 9.8 apache 13d ago An LDAP injection vulnerability in the LDAP Certificate repository of the XKMS server in Apache CXF may allow an attacker to retrieve arbitrary certificates from the repository.  Users are recommende…
CVE-2026-44618 medium 5.3 5.3 apache 13d ago Insecure XML parser configuration in Apache CXF's WS-Transfer module may allow attackers to perform XXE attacks. Users are recommended to upgrade to versions 4.2.1, 4.1.6 or 3.6.11, which fix this is…
CVE-2026-48207 critical 9.8 9.8 apache 14d ago Deserialization of untrusted data in Apache Fory PyFory. PyFory's ReduceSerializer could bypass documented DeserializationPolicy validation hooks during reduce-state restoration and global-name resol…
CVE-2026-45434 critical 9.8 9.8 apache 16d ago Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgr…
CVE-2026-45187 medium 6.5 6.5 apache 16d ago Improper Authorization vulnerability in Apache OFBiz Webtools. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-41919 critical 9.1 9.1 apache 16d ago Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrad…
CVE-2026-35086 medium 6.5 6.5 apache 16d ago Improper Control of Generation of Code ('Code Injection') vulnerability in email services of Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to vers…
CVE-2026-31986 critical 9.1 9.1 apache 16d ago Use of Hard-coded Cryptographic Key vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-31906 medium 6.1 6.1 apache 16d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrad…
CVE-2026-31388 medium 5.3 5.3 apache 16d ago Improper Access Control vulnerability in Apache OFBiz in multi-tenant deployments. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixe…
CVE-2026-31387 medium 5.3 5.3 apache 16d ago Improper Authentication vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-31380 medium 6.5 6.5 apache 16d ago Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06…
CVE-2026-31379 medium 6.1 6.1 apache 16d ago Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Control of Generation of…
CVE-2026-31378 medium 6.5 6.5 apache 16d ago Improper Input Validation vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue.
CVE-2026-29220 medium 6.5 6.5 apache 16d ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to v…
CVE-2026-29207 medium 6.5 6.5 apache 16d ago Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24…
CVE-2025-55754 critical 9.6 9.6 FIX rhel slesdebian debian apache 16d ago Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Win…
CVE-2026-45205 medium 5.3 5.3 FIX debian debian sles apache 21d ago Apache Commons Configuration: StackOverflowError for YAML input with cycles
CVE-2026-43515 critical 9.1 9.1 FIX slesdebian debian apache 23d ago Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21,…
CVE-2026-43512 critical 9.8 9.8 FIX slesdebian debian apache 23d ago DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, fr…
CVE-2026-41293 critical 9.8 9.8 FIX slesdebian debian apache 23d ago Improper Input Validation vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 10.0.0…
CVE-2026-43826 medium 6.5 6.5 apache 24d ago The OpenSearch logging provider, when configured with a `host` URL that embeds credentials (for example `https://user:password@server.example.com:9200`), wrote the full host URL — including the embed…
CVE-2026-41018 medium 6.5 6.5 apache 24d ago Apache Airflow Providers Elasticsearch: Elasticsearch task-log handlers leak credentials embedded in the host URL
CVE-2026-25199 critical 9.1 9.1 apache 27d ago Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxm…
CVE-2025-69233 medium 5.3 5.3 apache 27d ago Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limi…
CVE-2025-66171 medium 6.5 6.5 apache 27d ago The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plugin is e…
CVE-2025-66170 medium 6.5 6.5 apache 27d ago The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments, where this plug…
CVE-2026-43975 medium 6.5 6.5 apache 29d ago Apache Wicket has a Path Traversal issue
CVE-2026-42509 medium 6.1 6.1 apache 29d ago Apache Wicket has a Cross-site Scripting issue
CVE-2026-40010 critical 9.1 9.1 apache 29d ago Apache Wicket has a Session Fixation issue
CVE-2026-28780 critical 9.8 9.8 FIX debian debian rhel sles apache 29d ago Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy…
CVE-2026-43868 medium 5.3 5.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability
CVE-2026-42812 critical 9.9 9.9 apache 1mo ago Apache Polaris has an Improper Input Validation issue
CVE-2026-42811 critical 9.9 9.9 apache 1mo ago Apache Polaris has an Improper Input Validation issue
CVE-2026-42810 critical 9.9 9.9 apache 1mo ago Apache Polaris has an Improper Input Validation Issue
CVE-2026-42809 critical 9.9 9.9 apache 1mo ago Apache Polaris has an Improper Input Validation Issue
CVE-2026-42027 critical 9.8 9.8 FIX debian debian apache 1mo ago Apache OpenNLP ExtensionLoader Vulnerable to Arbitrary Class Instantiation via Model Manifest
CVE-2026-40682 critical 9.1 9.1 FIX debian debian apache 1mo ago Apache OpenNLP DictionaryEntryPersistor Vulnerable to XML External Entity (XXE) via Unsanitized Dictionary Parsing
CVE-2026-33523 medium 6.5 6.5 FIX debian debian sleswindows windows apache 1mo ago HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are rec…
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. …
CVE-2026-33006 medium 4.8 4.8 FIX debian debian sleswindows windows apache 1mo ago A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th…
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the…
CVE-2026-42779 critical 9.8 9.8 apache 1mo ago Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41635 Incomplete Fix)
CVE-2026-42778 critical 9.8 9.8 apache 1mo ago Apache MINA vulnerable to Deserialization of Untrusted Data (CVE-2026-41409 Incomplete Fix)
CVE-2026-41016 medium 5.9 5.9 apache 1mo ago apache-airflow-providers-smtp: No certificate validation on SMTP STARTTLS connections in SMTP provider
CVE-2026-41873 critical 9.8 9.8 apache 1mo ago ** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover. This issue affects all …
CVE-2026-41607 medium 6.5 6.5 FIX slesdebian debian apache 1mo ago Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
CVE-2026-41606 medium 5.3 5.3 FIX slesdebian debian apache 1mo ago Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
CVE-2026-41081 medium 6.5 6.5 apache 1mo ago Apache Storm's Improper Handling of TLS Client Authentication Failure Leads to Anonymous Principal Assignment
CVE-2026-40557 medium 4.8 4.8 apache 1mo ago Apache Storm Prometheus Reporter vulnerable to Improper Certificate Validation via Global SSL Context Downgrade
CVE-2026-33453 critical 10.0 10.0 apache 1mo ago Apache camel-coap allows header injection that can lead to remote code execution
CVE-2026-41409 critical 9.8 9.8 FIX debian debian apache 1mo ago Apache MINA Vulnerable to Deserialization of Untrusted Data (CVE-2024-52046 Incomplete Fix)
CVE-2026-33454 critical 9.4 9.4 apache 1mo ago Apache Camel's Camel-Mail component is vulnerable to Camel message header injection
CVE-2026-41635 critical 9.8 9.8 debian debian apache 1mo ago Apache MINA vulnerable to Deserialization of Untrusted Data
CVE-2026-40860 critical 9.8 9.8 apache 1mo ago JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject() …
CVE-2026-40453 critical 9.9 9.9 apache 1mo ago Apache Camel has an incomplete fix for CVE-2025-27636
CVE-2026-40948 medium 5.4 5.4 apache 2mo ago The Keycloak authentication manager in `apache-airflow-providers-keycloak` did not generate or validate the OAuth 2.0 `state` parameter on the login / login-callback flow, and did not use PKCE. An at…
CVE-2026-34477 medium 5.9 5.9 FIX debian debian sles apache 2mo ago Apache Log4j Core: `verifyHostName` attribute silently ignored in TLS configuration
CVE-2026-27446 critical 9.8 9.8 apache 3mo ago Apache Artemis and Apache ActiveMQ Artemis are Missing Authentication for Critical Functions
CVE-2025-61795 medium 5.3 5.3 FIX slesdebian debian apache 7mo ago Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred (including exceeding limits) during the processing of a multipart upload, temporary copies of the uploaded …
CVE-2023-48795 medium 5.9 5.9 FIX rhel rockydebian debian apacheopenbsdputty 3y ago The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from…
CVE-2022-45047 critical 9.8 9.8 FIX debian debian apache 4y ago Unsafe deserialization in Apache MINA SSHD
CVE-2013-1909 medium 5.8 apache 4y ago The Python client in Apache Qpid before 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which al…
CVE-2022-23305 critical 9.8 9.8 FIX debian debian sles rocky apachenetappbroadcom 4y ago RHSA-2022:0290: parfait:0.5 security update (Important)
CVE-2021-44832 medium 6.6 6.6 FIX debian debian slesfedora fedora apacheoraclecisco 5y ago Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender wit…
CVE-2021-45105 medium 5.9 5.9 FIX debian debian sles apachenetappsonicwall 5y ago Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thre…
CVE-2019-17571 critical 9.8 9.8 FIX debian debian slesubuntu ubuntu apachenetapporacle 7y ago Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization ga…
CVE-2017-5641 critical 9.8 9.8 apachehp 9y ago Apache Flex BlazeDS unsafe deserialization
CVE-2017-12630 medium 5.4 5.4 apache 9y ago Apache Drill vulnerable to Cross-site Scripting
CVE-2014-3250 medium 6.5 6.5 FIX debian debian puppetapache 9y ago The default vhost configuration file in Puppet before 3.6.2 does not include the SSLCARevocationCheck directive, which might allow remote attackers to obtain sensitive information via a revoked certi…
CVE-2017-15708 critical 9.8 9.8 apacheoracle 9y ago Remote Code Execution in Apache Synapse
CVE-2017-15707 medium 6.2 6.2 apachenetapporacle 9y ago Moderate severity vulnerability that affects org.apache.struts:struts2-rest-plugin
CVE-2017-15702 critical 9.8 9.8 apache 9y ago Apache Qpid Broker vulnerable to authentication port spoofing