cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-23015,https://securityvulnerability.io/vulnerability/CVE-2025-23015,Privilege Escalation Vulnerability in Apache Cassandra,"A Privilege Defined With Unsafe Actions vulnerability exists in Apache Cassandra, allowing users with MODIFY permissions on all keyspaces to escalate their privileges to superuser. This can be exploited through unsafe actions to system resources, potentially leading to unauthorized access and data breaches within a targeted Cassandra cluster. Operators are advised to review permissions and access rules associated with data MODIFY privileges to mitigate risks associated with this vulnerability.",Apache,Apache Cassandra,8.8,HIGH,0.01,false,,false,false,false,,false,false,false,,2025-02-04T09:37:18.580Z,0
CVE-2025-24783,https://securityvulnerability.io/vulnerability/CVE-2025-24783,Pseudo-Random Number Generator Flaw in Apache Cocoon by Apache,"A vulnerability exists in Apache Cocoon due to an incorrect implementation of the pseudo-random number generator (PRNG) used for generating continuation identifiers. The randomness was compromised by seeding the PRNG with the startup time, which may lead to insufficient unpredictability. Consequently, attackers could potentially guess continuation IDs, granting them unauthorized access to sensitive information. As Apache Cocoon is a retired project, no official fixes are available; therefore, users are advised to either adopt alternative solutions or restrict access strictly to trusted users. Enabling the 'session-bound-continuations' option can mitigate exposure by ensuring continuation identifiers are not shared across different user sessions.",Apache,Apache Cocoon,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-27T14:47:42.845Z,0
CVE-2024-45479,https://securityvulnerability.io/vulnerability/CVE-2024-45479,SSRF Vulnerability in Apache Ranger UI Version 2.4.0,"A Server-Side Request Forgery (SSRF) vulnerability exists in the Edit Service Page of the Apache Ranger UI, specifically in Apache Ranger Version 2.4.0. This flaw could allow an attacker to manipulate the server into making unintended requests, potentially gaining access to sensitive internal resources. To mitigate this risk, users are strongly advised to upgrade to Apache Ranger Version 2.5.0, where this issue has been addressed.",Apache,Apache Ranger,9.1,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T22:15:00.000Z,0
CVE-2024-51941,https://securityvulnerability.io/vulnerability/CVE-2024-51941,Remote Code Injection Vulnerability in Apache Ambari Metrics by Apache,"A remote code injection vulnerability in the Apache Ambari Metrics and AMS Alerts feature permits authenticated users to inject and execute arbitrary code. This vulnerability arises during the processing of alert definitions, enabling the insertion of malicious input into the alert script execution path. An attacker with authenticated access can exploit this vulnerability to run arbitrary commands on the server. The issue has been addressed in the latest patch releases of Apache Ambari.",Apache,Apache Ambari,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T22:15:00.000Z,0
CVE-2025-23195,https://securityvulnerability.io/vulnerability/CVE-2025-23195,XML External Entity Vulnerability in Apache Ambari and Oozie,"An XML External Entity (XXE) vulnerability in the Apache Ambari and Oozie projects allows attackers to inject malicious XML entities. This security weakness arises from the insecure parsing of XML input using the `DocumentBuilderFactory` class without properly disabling external entity resolution. By exploiting this flaw, attackers can gain access to arbitrary files on the server and potentially execute server-side request forgery (SSRF) attacks. The issue has been remediated in Ambari version 2.7.9, as well as in the trunk branch.",Apache,Apache Ambari,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T22:15:00.000Z,0
CVE-2025-23196,https://securityvulnerability.io/vulnerability/CVE-2025-23196,Code Injection Vulnerability in Ambari Alert Definition by Apache,"A code injection vulnerability exists in the Ambari Alert Definition feature that permits authenticated users to inject and execute arbitrary shell commands. This vulnerability is linked to the alert script definitions where the script filename is executed using a shell command. If exploited, an attacker with authenticated access can send malicious commands, leading to remote code execution on the targeted server. The vulnerability has been addressed in the latest versions of Ambari, emphasizing the importance of prompt updates for users.",Apache,Apache Ambari,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T22:15:00.000Z,0
CVE-2024-45033,https://securityvulnerability.io/vulnerability/CVE-2024-45033,Insufficient Session Expiration in Apache Airflow Fab Provider,"An insufficient session expiration vulnerability exists in the Apache Airflow Fab Provider, which allows users to remain logged in even after their password has been modified through the admin CLI. This issue was specifically noted in versions prior to 1.5.2, and it poses a risk since users might retain session access despite a password change. In contrast, session handling behaves securely when password changes are initiated via the web server. For enhanced security, it is recommended that users upgrade to version 1.5.2, which addresses this oversight.",Apache,Apache Airflow Fab Provider,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-08T08:41:39.579Z,0
CVE-2024-54676,https://securityvulnerability.io/vulnerability/CVE-2024-54676,Deserialization Vulnerability in Apache OpenMeetings by The Apache Software Foundation,"A deserialization vulnerability in Apache OpenMeetings due to inadequate clustering instructions can lead to potential exploitation. The default setup does not detail blacklists or whitelists for OpenJPA, allowing attackers to manipulate the deserialization process and potentially execute malicious code. Users are strongly advised to upgrade to version 8.0.0 and adjust startup scripts to implement the appropriate 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' settings. This precaution is crucial for maintaining the security of the application against unauthorized data handling.",Apache,Apache Openmeetings,9.8,CRITICAL,0.001769999973475933,false,,false,false,false,,false,false,false,,2025-01-08T08:40:03.705Z,0
CVE-2024-52046,https://securityvulnerability.io/vulnerability/CVE-2024-52046,Remote Code Execution Risk in Apache MINA ObjectSerializationDecoder,"The ObjectSerializationDecoder in Apache MINA is vulnerable due to its reliance on Java's native deserialization without implementing proper security measures. This flaw allows attackers to exploit the deserialization process by sending specially crafted data, which may result in remote code execution on the affected systems. The vulnerability impacts MINA core versions 2.0.X, 2.1.X, and 2.2.X, necessitating upgrades to the patched versions: 2.0.27, 2.1.10, and 2.2.4. Applications utilizing the IoBuffer#getObject() method and employing ProtocolCodecFilter with ObjectSerializationCodecFactory are particularly at risk. To safeguard against this vulnerability, developers must not only update the MINA library but also configure the ObjectSerializationDecoder to explicitly permit the deserialization of specific class names and patterns. By default, the decoder rejects all class types present in incoming serialized data, thereby providing a layer of security when correctly configured.",Apache,Apache Mina,10,CRITICAL,0.0004299999854993075,false,,false,false,false,,,true,true,2024-12-31T06:52:02.724Z,2024-12-25T10:06:23.887Z,6153
CVE-2024-45387,https://securityvulnerability.io/vulnerability/CVE-2024-45387,SQL Injection Vulnerability in Apache Traffic Control,"A vulnerability exists in Traffic Ops of Apache Traffic Control that allows a privileged user with roles such as 'admin', 'federation', 'operations', 'portal', or 'steering' to perform SQL injection attacks. By crafting a specially-designed PUT request, these users can execute arbitrary SQL commands against the database, potentially compromising data integrity and confidentiality. It is essential for users operating susceptible versions of Apache Traffic Control to upgrade to version 8.0.2 to mitigate this risk effectively.",Apache,Apache Traffic Control,9.9,CRITICAL,0.0004299999854993075,false,,true,true,true,2024-12-25T09:18:55.000Z,,true,false,,2024-12-23T15:30:13.873Z,2874
CVE-2024-56337,https://securityvulnerability.io/vulnerability/CVE-2024-56337,Race Condition Vulnerability in Apache Tomcat Affects Multiple Versions,"CVE-2024-56337 is a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability affecting Apache Tomcat across several versions. The vulnerability arises when Tomcat is run on a case-insensitive file system with the default servlet write capability enabled. Users may be exposed if they do not properly configure their systems as the initial workaround for CVE-2024-50379 was insufficient. Specifically, additional configuration is vital for systems utilizing Java 8 or Java 11, where the system property 'sun.io.useCanonCaches' needs to be set to false. For Java 17, the same property, if originally set, must also be false, while Tomcat versions 11.0.3, 10.1.35, and 9.0.99 and higher will check this setting before allowing default servlet write access on case-insensitive file systems, automatically applying the appropriate configurations where applicable.",Apache,Apache Tomcat,9.8,CRITICAL,0.0004299999854993075,false,,true,false,true,2025-01-27T16:33:56.000Z,,true,true,2024-12-26T02:52:02.176Z,2024-12-20T16:15:00.000Z,6396
CVE-2024-50379,https://securityvulnerability.io/vulnerability/CVE-2024-50379,Race Condition Vulnerability in Apache Tomcat Leading to Remote Code Execution,"The vulnerability allows an attacker to potentially execute arbitrary code on systems running Apache Tomcat, specifically when the default servlet is enabled for write access, and the system is utilizing case insensitive file systems. This occurs due to a timing issue during JSP compilation, which results in a time-of-check time-of-use (TOCTOU) race condition. The affected versions include Apache Tomcat from 11.0.0-M1 to 11.0.1, 10.1.0-M1 to 10.1.33, and 9.0.0.M1 to 9.0.97. To mitigate this vulnerability, it is crucial for users to upgrade to the patched versions: 11.0.2, 10.1.34, or 9.0.98.",Apache,Apache Tomcat,9.8,CRITICAL,0.0004299999854993075,false,,true,false,true,2024-12-20T14:24:10.000Z,true,true,true,2024-12-24T00:52:01.825Z,2024-12-17T13:15:00.000Z,9063
CVE-2024-52316,https://securityvulnerability.io/vulnerability/CVE-2024-52316,Unchecked Error Condition Vulnerability Affects Apache Tomcat,"This vulnerability within Apache Tomcat arises from the potential for authentication bypass when a custom Jakarta Authentication ServerAuthContext encounters an exception. If this exception occurs without a corresponding HTTP status indicating failure, the system may erroneously allow the user to pass through authentication checks. Currently, there are no known Jakarta Authentication components that exhibit such behavior, highlighting the importance of proper configuration to prevent unauthorized access. Users of affected versions are strongly advised to upgrade to the latest secure releases to mitigate this risk.",Apache,Apache Tomcat,9.8,CRITICAL,0.0004299999854993075,false,,false,false,true,2024-11-20T19:22:50.000Z,true,false,false,,2024-11-18T12:15:00.000Z,0
CVE-2024-50386,https://securityvulnerability.io/vulnerability/CVE-2024-50386,Security Flaw Allowing Malicious Template Registration in Apache CloudStack,"In Apache CloudStack, account users are permitted by default to register templates for direct download to primary storage, which poses a significant security risk. This vulnerability stems from inadequate validation checks for KVM-compatible templates in several versions. An attacker capable of registering templates could deploy malicious instances on KVM environments, potentially compromising the host filesystem. This could lead to severe consequences, including data loss, integrity issues, and denial of service for KVM infrastructures managed by CloudStack. It is advised to upgrade to version 4.18.2.5 or 4.19.1.3 or later and to perform stringent checks on user-registered KVM templates to ensure they do not possess unnecessary functionalities that could be exploited.",Apache,Apache CloudStack,9.9,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-11-12T15:15:00.000Z,0
CVE-2024-38286,https://securityvulnerability.io/vulnerability/CVE-2024-38286,Allocation of Resources Without Limits or Throttling Vulnerability Affects Multiple Apache Tomcat Versions,"A resource allocation vulnerability exists in Apache Tomcat, allowing attackers to exploit the TLS handshake process. This exploitation can lead to an OutOfMemoryError under specific configurations on any platform, potentially affecting the availability of the application. The issue impacts several versions of Apache Tomcat, prompting users to update to secure versions 11.0.0-M21, 10.1.25, or 9.0.90 to mitigate this risk. Older, unsupported versions of the software may also be vulnerable.",Apache,Apache Tomcat,8.6,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-07T07:37:32.224Z,0
CVE-2024-45693,https://securityvulnerability.io/vulnerability/CVE-2024-45693,"Attackers Can Trick Users into Submitting Malicious CSRF Requests, Leading to Privilege Escalation and Data Exposure","A security vulnerability exists in the Apache CloudStack web interface, allowing authenticated users to be deceived into executing unauthorized Cross-Site Request Forgery (CSRF) actions. This flaw originates from a lack of proper validation of request origins. Exploitation of this vulnerability permits attackers to manipulate user sessions, gain elevated privileges, seize control over user accounts, disrupt operations, and access sensitive information managed by the affected cloud platform. Users on versions 4.15.1.0 to 4.18.2.3 and 4.19.0.0 to 4.19.1.1 are particularly impacted. It is highly recommended to upgrade to versions 4.18.2.4 or 4.19.1.2 or later to mitigate these risks.",Apache CloudStack,Cloudstack,8.8,HIGH,0.0014400000218302011,false,,false,false,false,,,false,false,,2024-10-16T08:15:00.000Z,0
CVE-2024-45462,https://securityvulnerability.io/vulnerability/CVE-2024-45462,Unexpected Session Expiration Vulnerability Affects CloudStack Users,"The logout feature within the Apache CloudStack web interface fails to fully expire user sessions. As a result, even after logging out, sessions can remain valid until they either time out or the backend service is restarted. This vulnerability could allow an attacker, who has gained access to a user's browser, to exploit an unexpired session and access resources belonging to the previously logged-out user. Users utilizing Apache CloudStack versions from 4.15.1.0 to 4.18.2.3 and from 4.19.0.0 to 4.19.1.1 are specifically affected. To mitigate this issue, upgrading to versions 4.18.2.4 or 4.19.1.2 or later is recommended.",Apache CloudStack,Cloudstack,7.1,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-10-16T08:15:00.000Z,0
CVE-2023-50780,https://securityvulnerability.io/vulnerability/CVE-2023-50780,Arbitrary File Write Vulnerability in ActiveMQ Artemis Could Lead to RCE,"The vulnerability in Apache ActiveMQ Artemis originates from the unauthorized exposure of diagnostic information and control mechanisms through MBeans, particularly accessible via the authenticated Jolokia endpoint. Prior to version 2.29.0, the Log4J2 MBean was also part of this exposure, which is not intended for non-administrative user access. An authenticated attacker can leverage this situation to write arbitrary files to the filesystem, paving the way for potential remote code execution. It is strongly recommended that users upgrade to version 2.29.0 or later to mitigate this risk.",Apache,Apache ActiveMQ Artemis,8.8,HIGH,0.0006500000017695129,false,,false,false,true,2024-12-18T07:07:24.000Z,true,false,false,,2024-10-14T16:03:38.321Z,0
CVE-2024-45772,https://securityvulnerability.io/vulnerability/CVE-2024-45772,Deserialization of Untrusted Data Vulnerability Affecting Apache Lucene Replicator,"A deserialization of untrusted data vulnerability exists in Apache Lucene's replicator module, impacting versions from 4.4.0 up to 9.12.0. The vulnerability is linked to the deprecated org.apache.lucene.replicator.http package, which poses risks when deployed in network-accessible implementations. User-defined clients utilizing HTTP libraries that access this API may trigger the deserialization issue. To mitigate this vulnerability on affected versions, Java serialization filters can be implemented (e.g., using -Djdk.serialFilter='!*' on the command line), ensuring functionality is not disrupted. Users are highly encouraged to upgrade to version 9.12.0 or later, which corrects this flaw.",Apache,Apache Lucene Replicator,8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-09-30T08:51:30.950Z,0
CVE-2024-47197,https://securityvulnerability.io/vulnerability/CVE-2024-47197,Unintended Publishing of Sensitive Information in Maven Artifact,"A vulnerability has been identified in the Maven Archetype Plugin, where sensitive information may be exposed to unauthorized actors due to insecure storage practices. Specifically, the plugin creates an 'archetype-settings.xml' file under './target/classes/archetype-it/' during integration testing. This file inadvertently includes the complete contents of the user's '~/.m2/settings.xml' file, which often contains sensitive data, such as user credentials. If the user subsequently executes the 'mvn verify' command without running 'mvn clean', this sensitive file can be bundled into the final artifact. As a result, developers may unintentionally publish their credentials to Maven Central or other repositories, compromising their security. It is strongly recommended to upgrade to version 3.3.0 of the Maven Archetype Plugin, which addresses this vulnerability.",Apache,Maven Archetype Plugin,7.5,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2024-09-26T08:01:24.486Z,0
CVE-2024-22399,https://securityvulnerability.io/vulnerability/CVE-2024-22399,Deserialization Vulnerability in Apache Seata by Apache,"A vulnerability exists in Apache Seata that allows attackers to exploit deserialization of untrusted data. This occurs when developers disable authentication on the Seata-Server and do not utilize the Seata client SDK dependencies. Malicious actors can send improperly constructed serialized requests using bytecode that adheres to the Seata private protocol. This flaw affects versions of Apache Seata from 1.0.0 to 1.8.0 and is present in version 2.0.0. Users are advised to upgrade to version 2.1.0 or 1.8.1, which address this vulnerability.",Apache,Seata,9.8,CRITICAL,0.020230000838637352,false,,false,false,false,,,false,false,,2024-09-16T12:15:00.000Z,0
CVE-2024-45195,https://securityvulnerability.io/vulnerability/CVE-2024-45195,Apache OFBiz vulnerable to 'Forced Browsing' (Direct Request) attack,"The vulnerability CVE-2024-45195 affects Apache OFBiz versions before 18.12.16, allowing attackers to execute arbitrary code on the server without valid credentials. This vulnerability poses a severe risk to organizations relying on OFBiz, including potential data theft, disruption of operations, and lateral movement and persistence within the network. Apache has released a patch in version 18.12.16 to address this vulnerability, along with three other related vulnerabilities. Previous vulnerabilities in Apache OFBiz have been actively exploited, making it crucial for organizations to promptly implement the patch to safeguard their critical data and mitigate their attack surface.",Apache,Apache Ofbiz,7.5,HIGH,0.030239999294281006,true,2025-02-04T00:00:00.000Z,true,false,true,2024-09-06T01:00:00.000Z,,false,false,,2024-09-04T08:08:59.201Z,0
CVE-2024-45507,https://securityvulnerability.io/vulnerability/CVE-2024-45507,Server-Side Request Forgery (SSRF) and Improper Control of Generation of Code (Code Injection) Vulnerability in Apache OFBiz,"A vulnerability has been identified in Apache OFBiz that allows for server-side request forgery (SSRF) due to improper handling of code generation. This flaw can enable an attacker to manipulate web requests from the server, potentially leading to unauthorized access or data exposure. The vulnerability affects Apache OFBiz versions prior to 18.12.16. It is highly recommended that users upgrade to version 18.12.16 or later to mitigate this issue. For detailed information, users can refer to the official patches and mitigation strategies provided by Apache.",Apache,Apache Ofbiz,9.8,CRITICAL,0.6534799933433533,false,,false,false,false,,,true,false,,2024-09-04T08:08:33.876Z,3498
CVE-2023-49198,https://securityvulnerability.io/vulnerability/CVE-2023-49198,MySQL Security Vulnerability in Apache SeaTunnel,"A security vulnerability in Apache SeaTunnel affects the MySQL server, enabling attackers to gain unauthorized access to files by altering the parameters in the MySQL URL. Specifically, by setting certain parameters such as allowLoadLocalInfile and allowUrlInLocalInfile to true, along with crafting specific paths, attackers can exploit this flaw to read sensitive information stored on the server. It is crucial for users running Apache SeaTunnel version 1.0.0 to upgrade to version 1.0.1 to protect against this issue and secure their MySQL environment.",Apache,Apache Seatunnel Web,7.5,HIGH,0.001120000029914081,false,,false,false,false,,,false,false,,2024-08-21T09:37:57.478Z,0
CVE-2024-42361,https://securityvulnerability.io/vulnerability/CVE-2024-42361,GHSL-2023-256: HertzBeat Authenticated (guest role) SQL injection in /api/monitor/{monitorId}/metric/{metricFull},"Hertzbeat, an open-source real-time monitoring system, is susceptible to a SQL injection vulnerability in its API. The flaw exists in versions 1.6.0 and earlier, specifically within the /api/monitor/{monitorId}/metric/{metricFull} endpoint. This endpoint allows users to download job metrics and executes a SQL query using data from user inputs without sufficient validation. Consequently, attackers can manipulate the input parameters, potentially compromising the integrity and confidentiality of the database. Proper security measures should be applied to validate and sanitize all user inputs to mitigate the risk associated with this vulnerability.",Apache,Hertzbeat,9.8,CRITICAL,0.003650000086054206,false,,false,false,false,,,false,false,,2024-08-20T21:15:00.000Z,0