🔍 Suche
Durchsuche Tutorials, CVEs, Tools und Seiten
🛡️ CVEs (20+)
CVE-2026-57915
hoch (7.3)CVE-2026-57915 - It is possible to bypass the Kerberos pre-authentication check in Apache Kerby by sending a PA-DATA
CVE-2025-64152
kritisch (9.1)CVE-2025-64152 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac
CVE-2025-55017
kritisch (9.1)CVE-2025-55017 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apac
CVE-2026-57914
mittel (6.5)CVE-2026-57914 - By sending a deeply nested ASN1 structure to a Apache Kerby client or service, it's possible to trig
CVE-2026-49486
hoch (7.5)CVE-2026-49486 - The Apache Airflow FTP provider's `FTPSHook.get_conn()` created an `ftplib.FTP_TLS` connection but n
CVE-2026-48946
mittel (6.3)CVE-2026-48946 - The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's
CVE-2026-56130
niedrig (0.0)CVE-2026-56130 - "Remember me" cookie age is not verified on the server. This potentially allows an attacker to inter
CVE-2026-56091
niedrig (0.0)CVE-2026-56091 - When using Apache Shiro with the shiro-guice module in a web servlet context, a specially crafted HT
CVE-2026-54226
niedrig (0.0)CVE-2026-54226 - A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.6.0 through 2.15.0. U
CVE-2026-46752
niedrig (0.0)CVE-2026-46752 - Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This issue affects Apache
CVE-2026-46751
niedrig (0.0)CVE-2026-46751 - A vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 2.2.0 through 2.15.0. U
CVE-2026-45188
niedrig (0.0)CVE-2026-45188 - Relative Path Traversal vulnerability in Apache Kvrocks. This issue affects Apache Kvrocks: from 1.
CVE-2026-41566
niedrig (0.0)CVE-2026-41566 - Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kvrocks. This i
CVE-2026-54665
mittel (5.3)CVE-2026-54665 - Apache NiFi 0.0.1 through 2.9.0 support building qualified URLs from one of several HTTP request hea
CVE-2026-44914
hoch (7.2)CVE-2026-44914 - Apache NiFi 1.12.0 through 2.9.0 are missing authorization when replacing Process Groups that includ
CVE-2026-44913
hoch (7.2)CVE-2026-44913 - Improper escaping of database table names in the CaptureChangeMySQL Processor included with Apache N
CVE-2026-44911
mittel (6.3)CVE-2026-44911 - Authorization handling for component configuration verification requests in Apache NiFi 1.15.0 throu
CVE-2025-66336
hoch (8.1)CVE-2025-66336 - Apache Doris MCP Server contains a SQL injection vulnerability in a metadata query path. A user-cont
CVE-2025-62198
mittel (5.4)CVE-2025-62198 - An authenticated user can perform XSS. This issue affects Apache Atlas versions 2.4.0 and earlier.
CVE-2026-49872
hoch (8.1)CVE-2026-49872 - Improper Authentication vulnerability in Apache APISIX. When the cas-auth plugin is used in a route