CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

61165 matches found

RedhatCVE•added 2026/01/07 9:38 a.m.•11 views

CVE-1999-0071

Apache httpd cookie buffer overflow for versions 1.1.1 and earlier...

7.5CVSS7.5AI score0.03571EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•5 views

CVE-2019-12408

It was discovered that the C++ implementation which underlies the R, Python and Ruby implementations of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow...

7.5CVSS6.7AI score0.03225EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•7 views

CVE-2019-12426

an unauthenticated user could get access to information of some backend screens by invoking setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06...

5.3CVSS6.8AI score0.04889EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:29 a.m.•8 views

CVE-2019-12398

In Apache Airflow before 1.10.5 when running with the "classic" UI, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. The new "RBAC" UI is unaffected...

4.8CVSS7.4AI score0.01871EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:27 a.m.•8 views

CVE-2019-12425

Apache OFBiz 17.12.01 is vulnerable to Host header injection by accepting arbitrary host...

7.5CVSS7.3AI score0.04665EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:27 a.m.•7 views

CVE-2019-12407

On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the attacker to execute javascript in the victim's browser and get some sensitive...

6.1CVSS5.9AI score0.02913EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:27 a.m.•5 views

CVE-2019-12397

Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnerable to a cross-site scripting issue. Upgrade to 2.0.0 or later version of Apache Ranger with the fix...

6.1CVSS6.1AI score0.02965EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:17 a.m.•8 views

CVE-2025-1075

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...

7.5CVSS6.8AI score0.00286EPSS

Exploits0References1