Where
-Infinity
0

Trending

Last week
Last month
Last year

CVE-2024-27138: Apache Archiva: disabling user registration is not effective

First published (updated )
https://seclists.org/oss-sec/2024/q1/183

CVE-2024-27139: Apache Archiva: incorrect authentication potentially leading to account takeover

First published (updated )
https://seclists.org/oss-sec/2024/q1/182

maven/org.apache.archiva:archivaApache Archiva: disabling user registration is not effective

Risk 31
Severity
7.5
EPSS
0.04%
First published (updated )
CVE-2024-27138

maven/org.apache.archiva:archivaApache Archiva: incorrect authentication potentially leading to account takeover

Risk 31
Severity
7.5
EPSS
0.04%
First published (updated )
CVE-2024-27139

maven/org.apache.archiva:archiva-commonApache Archiva: reflected XSS

Risk 26
Severity
5.4
EPSS
0.04%
First published (updated )
CVE-2024-27140
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache ArchivaApache Archiva privilege escalation

Risk 46
Severity
6.5
First published (updated )
CVE-2023-28158

Apache ArchivaApache Archiva prior to 2.2.9 allows an authenticated user to delete arbitrary directories

Risk 22
Severity
4.3
First published (updated )
CVE-2022-40309

Apache ArchivaApache Archiva prior to 2.2.9 may allow the anonymous user to read arbitrary files

Risk 43
Severity
7.5
First published (updated )
CVE-2022-40308

Apache ArchivaApache Archiva Arbitrary user password reset vulnerability

Risk 38
Severity
6.5
First published (updated )
CVE-2022-29405

Apache ArchivaApache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to ret…

Risk 27
Severity
5.3
First published (updated )
CVE-2020-9495
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache ArchivaIn Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary lo…

Risk 38
Severity
6.5
First published (updated )
CVE-2019-0214

Apache ArchivaXSS

Risk 38
Severity
6.5
First published (updated )
CVE-2019-0213

Apache XML-RPCThe Apache XML-RPC (aka ws-xmlrpc) library 3.1.3, as used in Apache Archiva, allows remote attackers…

Risk 33
Severity
7
First published (updated )
REDHAT-BUG-1508123

Apache XML-RPCSSRF

Risk 19
Severity
4
First published (updated )
REDHAT-BUG-1508110

Apache ArchivaCSRF

Risk 71
Severity
8
First published (updated )
CVE-2017-5657
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache ArchivaXSS

Risk 29
Severity
4.8
First published (updated )
CVE-2016-5005

Apache ArchivaCSRF

Risk 77
Severity
8.8
First published (updated )
CVE-2016-4469

Apache ArchivaXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2013-2187

Apache StrutsApache Struts Improper Input Validation Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2013-2251

Apache ArchivaXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2011-1077
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache ArchivaCSRF

Risk 47
Severity
6.8
First published (updated )
CVE-2011-1026

Apache ArchivaXSS

Risk 22
Severity
4.3
First published (updated )
CVE-2011-0533

Apache ArchivaXSS, CSRF

Risk 47
Severity
6.8
First published (updated )
CVE-2010-4408

Jesse Mcconnell RedbackCSRF

Risk 47
Severity
6.8
First published (updated )
CVE-2010-3449

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203