| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2020-13959 | Velocity Tools XSS Vulnerability | Apache Software Foundation | Apache Velocity Tools | 中危 | - | 2021-03-10 08:00:19 | Deep Dive |
| CVE-2020-35451 | Oozie local privilege escalation | Apache Software Foundation | Apache Oozie | 中危 | - | 2021-03-09 15:20:13 | Deep Dive |
| CVE-2021-27907 | Apache Superset stored XSS on Dashboard markdown | Apache Software Foundation | Apache Superset | 中危 | - | 2021-03-05 11:35:15 | Deep Dive |
| CVE-2020-1936 | Stored XSS in Apache Ambari | Apache Software Foundation | Apache Ambari | 中危 | - | 2021-03-02 09:00:22 | Deep Dive |
| CVE-2020-9479 | unzip directory traversal | Apache Software Foundation | Apache AsterixDB | 中危 | - | 2021-03-01 15:55:12 | Deep Dive |
| CVE-2021-25122 | Apache Tomcat h2c request mix-up | Apache Software Foundation | Apache Tomcat | 高危 | - | 2021-03-01 12:00:20 | Deep Dive |
| CVE-2021-25329 | Incomplete fix for CVE-2020-9484 | Apache Software Foundation | Apache Tomcat | 高危 | - | 2021-03-01 12:00:20 | Deep Dive |
| CVE-2021-26544 | Apache Livy (Incubating) is vulnerable to cross site scripting | Apache Software Foundation | Apache Livy (Incubating) | 中危 | - | 2021-02-20 09:00:15 | Deep Dive |
| CVE-2021-26296 | Cross-Site Request Forgery (CSRF) vulnerability in Apache MyFaces | Apache Software Foundation | Apache MyFaces Core | 高危 | - | 2021-02-19 08:30:14 | Deep Dive |
| CVE-2021-26697 | Apache Airflow: Lineage API endpoint for Experimental API missed authentication check | Apache Software Foundation | Apache Airflow | 中危 | - | 2021-02-17 14:15:15 | Deep Dive |
| CVE-2021-26559 | CWE-284 Improper Access Control on Configurations Endpoint for the Stable API | Apache Software Foundation | Apache Airflow | 中危 | - | 2021-02-17 14:15:14 | Deep Dive |
| CVE-2021-25646 | Authenticated users can override system configurations in their requests which allows them to execute arbitrary code. | Apache Software Foundation | Apache Druid | 高危 | - | 2021-01-29 19:15:12 | Deep Dive |
| CVE-2021-26118 | Flaw in ActiveMQ Artemis OpenWire support | Apache Software Foundation | Apache ActiveMQ Artemis | 高危 | - | 2021-01-27 18:55:13 | Deep Dive |
| CVE-2021-26117 | ActiveMQ: LDAP-Authentication does not verify passwords on servers with anonymous bind | Apache Software Foundation | Apache ActiveMQ | 高危 | - | 2021-01-27 00:00:00 | Deep Dive |
| CVE-2020-17532 | Apache ServiceComb Yaml remote deserialization vulnerability | Apache Software Foundation | Apache ServiceComb-Java-Chassis | 高危 | - | 2021-01-25 09:25:14 | Deep Dive |
| CVE-2021-23901 | An XML external entity (XXE) injection vulnerability exists in the Nutch DmozParser | Apache Software Foundation | Apache Nutch | 超危 | - | 2021-01-25 09:25:14 | Deep Dive |
| CVE-2021-23926 | XMLBeans XML Entity Expansion | Apache Software Foundation | Apache XMLBeans | 超危 | - | 2021-01-14 14:45:18 | Deep Dive |
| CVE-2021-24122 | Apache Tomcat information disclosure | Apache Software Foundation | Apache Tomcat | 中危 | - | 2021-01-14 14:45:18 | Deep Dive |
| CVE-2020-11995 | Apache Dubbo default deserialization protocol Hessian2 cause CRE | Apache Software Foundation | Apache Dubbo | 超危 | - | 2021-01-11 09:40:19 | Deep Dive |
| CVE-2020-13922 | Apache DolphinScheduler (incubating) Permission vulnerability | Apache Software Foundation | Apache DolphinScheduler | 中危 | - | 2021-01-11 09:40:19 | Deep Dive |