Apache


Apache Pinot Improper Neutralization of Special Elements Authentication Bypass Vulnerability (CVE-2024-56325)

The CVE-2024-56325 vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot.


Apache Arrow R package – Arbitrary code execution when loading a malicious data file [CVE-2024-52338]

CVE number = CVE-2024-52338. Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0


Apache OFBiz resolveURI Authentication Bypass Vulnerability [CVE-2024-38856]

CVE number = CVE-2024-38856. CVSS score = 9.8. This vulnerability allows remote attackers to bypass authentication on affected installations of


Apache OFBiz createRegister Error Message Information Disclosure Vulnerability [CVE-2024-23946]

CVE number = CVE-2024-23946. This vulnerability in Apache OFBiz allows remote attackers to disclose sensitive information on affected installations of


Remote code execution vulnerability found in Apache Struts 2 [CVE-2023-50164]

Apache has issued a warning to its users regarding a critical remote code execution (RCE) vulnerability found in its widely-used


Apache Batik DefaultScriptSecurity Server-Side Request Forgery Remote Code Execution Vulnerability [CVE-2022-40146]

CVE number – CVE-2022-40146. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache Batik. Interaction


Apache Batik DefaultExternalResourceSecurity Server-Side Request Forgery Information Disclosure Vulnerability [CVE-2022-38398]

CVE number = CVE-2022-38398. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apache Batik. Interaction


Apache HTTPD Server ap_escape_html2 Integer Overflow Remote Code Execution Vulnerability [CVE-2022-22721]

CVE number – CVE-2022-22721. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apache HTTPD Server.


Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability [CVE-2021-45105]

Please note that this vulnerability is not the main, well-known Log4j one; for further information on CVE-2021-44228 please click


Critical Apache Log4j remote code execution vulnerability [CVE-2021-44228]

A critical remote code execution vulnerability in the Apache Foundation Log4j library has been discovered. This vulnerability has been dubbed Log4Shell.
