Vulnerabilities in Apache Software Foundation
1872 results

CVE-2021-26691 | — | Apache HTTP Server mod_session response handling heap overflow | EPSS 68.1%
CVE-2024-38472 | HIGH | Apache HTTP Server on Windows UNC SSRF | EPSS 68.0%
CVE-2022-25813 | — | Server-Side Template Injection affecting the ecommerce plugin of Apache OFBiz | EPSS 67.3%
CVE-2022-23305 | CRITICAL | SQL injection in JDBC Appender in Apache Log4j V1 | EPSS 66.5%
CVE-2025-55752 | HIGH | Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled | EPSS 66.5%
CVE-2025-31650 | HIGH | Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame | EPSS 66.4%
CVE-2018-11770 | — | From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism u | EPSS 65.9%
CVE-2021-40865 | — | Unsafe Pre-Authentication Deserialization In Workers | EPSS 65.6%
CVE-2024-54676 | CRITICAL | Apache OpenMeetings: Deserialisation of untrusted data in cluster mode | EPSS 65.2%
CVE-2021-26690 | — | mod_session NULL pointer dereference | EPSS 65.1%
CVE-2021-34798 | — | NULL pointer dereference in httpd core | EPSS 64.5%
CVE-2021-28125 | — | Apache Superset Open Redirect | EPSS 63.8%
CVE-2023-34468 | HIGH | Apache NiFi: Potential Code Injection with Database Services using H2 | EPSS 63.4%
CVE-2023-50968 | — | Apache OFBiz: Arbitrary file properties reading and SSRF attack | EPSS 63.4%
CVE-2025-48976 | HIGH | Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers | EPSS 63.3%
CVE-2021-36160 | — | mod_proxy_uwsgi out of bound read | EPSS 62.9%
CVE-2022-23302 | HIGH | Deserialization of untrusted data in JMSSink in Apache Log4j 1.x | EPSS 61.8%
CVE-2021-30181 | — | Apache Dubbo RCE on customers via Script route poisoning (Nashorn script injection) | EPSS 61.5%
CVE-2025-27817 | HIGH | Apache Kafka Client: Arbitrary file read and SSRF vulnerability | EPSS 60.8%
CVE-2021-30180 | — | Apache Dubbo RCE on customers via Condition route poisoning (Unsafe YAML unmarshaling) | EPSS 60.4%