Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2025-68493 |
|
XXE (XML External Entity) in apache (CVE-2025-68493)
vulnerability in apache (CVE-2025-68493). Confidential information can be exposed externally.
|
| CVE-2013-2251 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2013-2251)
vulnerability in Apache struts (CVE-2013-2251). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-9805 KEV |
|
[KEV] Unsafe Deserialization in Apache struts (CVE-2017-9805)
vulnerability in Apache struts (CVE-2017-9805). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2018-11776 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2018-11776)
vulnerability in Apache struts (CVE-2018-11776). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-5638 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2017-5638)
vulnerability in Apache struts (CVE-2017-5638). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-17530 KEV |
|
[KEV] Vulnerability in Apache struts (CVE-2020-17530)
vulnerability in Apache struts (CVE-2020-17530). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2017-15707 |
|
Vulnerability in apache (CVE-2017-15707)
vulnerability in apache (CVE-2017-15707). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-3090 |
|
Vulnerability in apache (CVE-2016-3090)
vulnerability in apache (CVE-2016-3090). Successful exploitation can lead to full system takeover.
|
| CVE-2016-4461 |
|
Vulnerability in apache (CVE-2016-4461)
vulnerability in apache (CVE-2016-4461). Successful exploitation can lead to full system takeover.
|
| CVE-2015-5169 |
|
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20.
|
| CVE-2016-6795 |
|
Path Traversal in apache (CVE-2016-6795)
path traversal in apache (CVE-2016-6795). Successful exploitation can lead to full system takeover.
|
| CVE-2016-8738 |
|
Vulnerability in apache (CVE-2016-8738)
vulnerability in apache (CVE-2016-8738). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12611 |
|
Vulnerability in apache (CVE-2017-12611)
vulnerability in apache (CVE-2017-12611). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9793 |
|
Vulnerability in apache (CVE-2017-9793)
vulnerability in apache (CVE-2017-9793). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9804 |
|
Vulnerability in apache (CVE-2017-9804)
vulnerability in apache (CVE-2017-9804). Risk of unauthorized operations or information disclosure.
|
| CVE-2015-5209 |
|
Vulnerability in apache (CVE-2015-5209)
vulnerability in apache (CVE-2015-5209). Data can be tampered with by attackers.
|
| CVE-2017-7672 |
|
Vulnerability in apache (CVE-2017-7672)
vulnerability in apache (CVE-2017-7672). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9787 |
|
Vulnerability in apache (CVE-2017-9787)
vulnerability in apache (CVE-2017-9787). Risk of unauthorized operations or information disclosure.
|