National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • Keyword (text search): Apache
There are 1,663 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2018-11773

Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the php built in function strtotime. This allows for an attack against the underlying implementation of that function. The implementation of strtotime at the time the issue was discovered appeared to be resistant to a malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.

Published: July 29, 2019; 03:15:11 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2018-11772

Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what node (if any) was previously selected in the privilege tree. The cookie data is then used in an SQL statement. This allows for an SQL injection attack. Access to this portion of a VCL system requires admin level rights. Other layers of security seem to protect against malicious attack. However, all VCL systems running versions earlier than 2.5.1 should be upgraded or patched. This vulnerability was found and reported to the Apache VCL project by ADLab of Venustech.

Published: July 29, 2019; 03:15:10 PM -04:00
V3.0: 7.2 HIGH
    V2: 6.5 MEDIUM
CVE-2019-14379

SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.

Published: July 29, 2019; 08:15:16 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

Published: July 26, 2019; 03:15:11 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-0202

The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these endpoints.

Published: July 25, 2019; 08:15:11 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2018-11779

In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java class.

Published: July 25, 2019; 08:15:10 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-1010206

OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL certificate validation. The impact is: certificate spoofing. The component is: use this library when https communication. The attack vector is: certificate spoofing.

Published: July 23, 2019; 10:15:13 AM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-11989

A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for Apache 2.4 on RHEL 7, 10.0 for Apache 2.4 on HP-UX 11i v3, 10.0 for IIS on Windows, 11.0 for Apache 2.4 on RHEL 7, MFA Proxy 4.0 (Agent module only) for Apache 2.4 on RHEL 7.

Published: July 19, 2019; 06:15:11 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 7.1 HIGH
CVE-2019-13980

In Directus 7 API through 2.3.0, uploading of PHP files is blocked only when the Apache HTTP Server is used, leading to uploads/_/originals remote code execution with nginx.

Published: July 19, 2019; 11:15:12 AM -04:00
V3.0: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-0234

A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3.

Published: July 15, 2019; 06:15:12 PM -04:00
V3.0: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2018-17196

In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to 2.1.1 or later where this vulnerability has been fixed.

Published: July 11, 2019; 05:15:09 PM -04:00
V3.0: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2018-11307

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

Published: July 09, 2019; 12:15:12 PM -04:00
V3.0: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-13402

/usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactorydefault.cgi on Dynacolor FCM-MB40 v1.2.0.0 devices implement an incomplete factory-reset process. A backdoor can persist because neither system accounts nor the set of services is reset.

Published: July 07, 2019; 09:15:10 PM -04:00
V3.0: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2019-13035

Artica Pandora FMS 7.0 NG before 735 suffers from local privilege escalation due to improper permissions on C:\PandoraFMS and its sub-folders, allowing standard users to create new files. Moreover, the Apache service httpd.exe will try to execute cmd.exe from C:\PandoraFMS (the current directory) as NT AUTHORITY\SYSTEM upon web requests to the portal. This will effectively allow non-privileged users to escalate privileges to NT AUTHORITY\SYSTEM.

Published: June 29, 2019; 09:15:08 AM -04:00
V3.0: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2014-9699

The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled. Apache logs, system logs, design files (i.e., a history of print files), and more are exposed to unauthenticated attackers through this HTTP server.

Published: June 24, 2019; 05:15:11 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-12384

FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible.

Published: June 24, 2019; 12:15:15 PM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-12938

The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI.

Published: June 24, 2019; 10:15:09 AM -04:00
V3.0: 4.3 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-10072

The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOW_UPDATE messages for the connection window (stream 0) clients were able to cause server-side threads to block eventually leading to thread exhaustion and a DoS.

Published: June 21, 2019; 02:15:09 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2017-15694

When an Apache Geode server versions 1.0.0 to 1.8.0 is operating in secure mode, a user with write permissions for specific data regions can modify internal cluster metadata. A malicious user could modify this data in a way that affects the operation of the cluster.

Published: June 21, 2019; 12:15:09 PM -04:00
V3.0: 6.5 MEDIUM
    V2: 4.0 MEDIUM
CVE-2019-12814

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server.

Published: June 19, 2019; 10:15:10 AM -04:00
V3.0: 5.9 MEDIUM
    V2: 4.3 MEDIUM