Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Apache OFBizApache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE

Risk 90
Severity
9.8
First published (updated )
CVE-2026-45434

Apache Apache OFBizApache OFBiz: Authentication Bypass due to Improper Neutralization of LDAP Special Elements in DN Construction

Risk 70
Severity
9.1
First published (updated )
CVE-2026-41919

Apache Apache OFBizApache OFBiz: Unauthenticated RCE via Default JWT Signing Key and Widget Template Injection

Risk 70
Severity
9.1
First published (updated )
CVE-2026-31986

Apache OFBizApache OFBiz: RCE Vulnerability in scrum plugin

Risk 90
Severity
9.8
First published (updated )
CVE-2025-54466

Apache OFBizApache OFBiz: URLs allowing remote use of Groovy expressions, leading to RCE

Risk 90
Severity
9.8
First published (updated )
CVE-2024-47208
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache OFBizApache OFBiz: Prevent use of URLs in files when loading them from Java or Groovy, leading to a RCE

Risk 90
Severity
9.8
First published (updated )
CVE-2024-45507

Apache OFBizApache OFBiz Forced Browsing Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2024-45195

Apache OFBizApache OFBiz Incorrect Authorization Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2024-38856

Apache OFBizApache OFBiz: Path traversal leading to a RCE

Risk 70
Severity
9.1
First published (updated )
CVE-2024-36104

Apache OFBizApache OFBiz Path Traversal Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2024-32113
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache OFBizApache OFBiz: Path traversal allowing authentication bypass.

Risk 48
Severity
9.1
EPSS
0.04%
First published (updated )
CVE-2024-25065

Apache OFBizApache OFBiz: Pre-authentication Remote Code Execution (RCE) vulnerability

Risk 99
Severity
9.8
Zeroday
First published (updated )
CVE-2023-51467

Apache OFBizPre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present

Risk 99
Severity
9.8
Zeroday
First published (updated )
CVE-2023-49070

Apache OFBizJava Deserialization via RMI Connection from the Solr plugin of Apache OFBiz

Risk 86
Severity
9.8
First published (updated )
CVE-2022-29063

Apache OFBizUnauth Path Traversal with file corruption affecting the Birt plugin of Apache OFBiz

Risk 86
Severity
9.8
First published (updated )
CVE-2022-25371
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache OFBizArbitrary file upload vulnerability in OFBiz

Risk 86
Severity
9.8
First published (updated )
CVE-2021-37608

Apache OFBizUnsafe deserialization in Apache OFBiz

Risk 87
Severity
10
First published (updated )
CVE-2021-30128

Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI

Risk 86
Severity
9.8
First published (updated )
CVE-2021-29200

Apache OFBizRCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI

Risk 86
Severity
9.8
First published (updated )
CVE-2021-26295

Apache OFBizAn RCE is possible by entering Freemarker markup in an Apache OFBiz Form Widget textarea field when …

Risk 86
Severity
9.8
First published (updated )
CVE-2019-10074
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache OFBizThe java.io.ObjectInputStream is known to cause Java serialisation issues. This issue here is expose…

Risk 86
Severity
9.8
First published (updated )
CVE-2019-0189

Apache OFBizThe Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for …

Risk 86
Severity
9.8
First published (updated )
CVE-2018-17200

Apache OFBizXSS, Code Injection

Risk 86
Severity
9.8
First published (updated )
CVE-2017-15714

Apache OFBizApache OFBiz 10.04.x before 10.04.02 allows remote attackers to execute arbitrary code via unspecifi…

Risk 86
Severity
9.8
First published (updated )
CVE-2012-1622

Apache OFBizInput Validation

Risk 86
Severity
9.8
First published (updated )
CVE-2016-2170
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache OFBizInput Validation

Risk 87
Severity
10
First published (updated )
CVE-2013-2250

Apache OFBizUnspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.0…

Risk 87
Severity
10
First published (updated )
CVE-2012-3506

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203