
CVE-2025-53192 – Apache Commons OGNL: Expression Injection leading to RCE
https://notcve.org/view.php?id=CVE-2025-53192
18 Aug 2025 — Improper Neutralization of Expression/Command Delimiters vulnerability in Apache Commons OGNL. This issue affects Apache Commons OGNL: all versions. When using the API Ognl.getValue, the OGNL engine parses and evaluates the provided expression with powerful capabilities, including reading fields and invoking methods on any object the expression can reach. Although OgnlRuntime attempts to restrict certain dangerous classes and methods (such as java.lang.Runtime) through a blocklist, these restrictions are not comprehensive. Attackers may... • https://lists.apache.org/thread/2gj8tjl6vz949nnp3yxz3okm9xz2k7sp • CWE-146: Improper Neutralization of Expression/Command Delimiters •

CVE-2025-54466 – Apache OFBiz: RCE Vulnerability in scrum plugin
https://notcve.org/view.php?id=CVE-2025-54466
15 Aug 2025 — Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in the Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02, and only when the scrum plugin is used. No authentication is required to exploit this vulnerability. Users are recommended to upgrade to version 24.09.02, which fixes the issue. • https://ofbiz.apache.org/download.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVE-2025-55675 – Apache Superset: Incorrect datasource authorization on REST API
https://notcve.org/view.php?id=CVE-2025-55675
14 Aug 2025 — Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasource_id in the URL, an attacker can enumerate and confirm the existence and names of protected datasources, leading to sensitive information disclosure. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to version 5.0.0... • https://lists.apache.org/thread/op681b4kbd7g84tfjf9omz0sxggbcv33 • CWE-285: Improper Authorization •
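The enumeration described above leaves a recognisable trace in the web-server access log: one authenticated user requesting /explore with many distinct datasource_id values in a short window. The detector below is an added example, not part of the advisory or of Apache Superset's own code; the log lines are constructed for the example, and the 60-second window and the threshold of five distinct ids are assumptions to tune per deployment.

```python
"""Flag users probing many distinct datasource_id values on /explore in a short window."""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from urllib.parse import parse_qs, urlsplit

# Combined-log-format style line; the third field carries the authenticated user.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)
WINDOW = timedelta(seconds=60)   # assumption: tune per deployment
DISTINCT_IDS_THRESHOLD = 5       # assumption: tune per deployment

# Constructed sample log: "mallory" walks datasource_id 1..8 in eight seconds,
# "alice" opens two datasources she normally works with.
SAMPLE_LOG = "\n".join(
    [f'10.0.0.5 - mallory [18/Aug/2025:10:00:{i:02d} +0000] '
     f'"GET /explore/?datasource_type=table&datasource_id={i} HTTP/1.1" 200 5120'
     for i in range(1, 9)]
    + [
        '10.0.0.7 - alice [18/Aug/2025:10:00:03 +0000] '
        '"GET /explore/?datasource_type=table&datasource_id=12 HTTP/1.1" 200 5120',
        '10.0.0.7 - alice [18/Aug/2025:10:00:09 +0000] "POST /api/v1/chart/data HTTP/1.1" 200 880',
        '10.0.0.7 - alice [18/Aug/2025:10:00:40 +0000] '
        '"GET /explore/?datasource_type=table&datasource_id=7 HTTP/1.1" 200 5120',
    ]
)


def parse_explore_request(line):
    """Return (user, timestamp, datasource_id) for an /explore request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["path"])
    if not url.path.rstrip("/").endswith("/explore"):
        return None
    ids = parse_qs(url.query).get("datasource_id")
    if not ids or not ids[0].isdigit():
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["user"], ts, int(ids[0])


def find_enumerators(lines, window=WINDOW, threshold=DISTINCT_IDS_THRESHOLD):
    """Map user -> peak number of distinct datasource_ids requested inside any window."""
    by_user = defaultdict(list)
    for line in lines:
        rec = parse_explore_request(line)
        if rec:
            user, ts, dsid = rec
            by_user[user].append((ts, dsid))
    flagged = {}
    for user, events in by_user.items():
        events.sort()
        start = 0
        for end, (ts, _) in enumerate(events):
            # Slide the window start forward until it spans at most `window`.
            while ts - events[start][0] > window:
                start += 1
            distinct = {d for _, d in events[start:end + 1]}
            if len(distinct) >= threshold:
                flagged[user] = max(flagged.get(user, 0), len(distinct))
    return flagged


if __name__ == "__main__":
    for user, peak in find_enumerators(SAMPLE_LOG.splitlines()).items():
        print(f"{user}: {peak} distinct datasource_ids within {WINDOW}")
```

The status code is deliberately not part of the signal: on an unpatched instance the probes succeed with 200, so a rule keyed on 403/404 counts would miss exactly the case the advisory describes.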

CVE-2025-55674 – Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions
https://notcve.org/view.php?id=CVE-2025-55674
14 Aug 2025 — A bypass of the DISALLOWED_SQL_FUNCTIONS security feature in Apache Superset allows for the execution of blocked SQL functions. An attacker can use a special inline block to circumvent the denylist. This allows a user with SQL Lab access to execute functions that were intended to be disabled, leading to the disclosure of sensitive database information like the software version. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to version 5.0.0, which fixes the issue. • https://lists.apache.org/thread/cn49ps15ny3g2b1qzdg5mj7hp47p5jdo • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
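The advisory does not spell out the inline construct used for the bypass, so the following is an added example of the general failure mode rather than a reproduction of this CVE, and it is not Superset's implementation. A denylist matched against the raw query text sees the bytes "version(" and nothing else; the database engine sees tokens, so anything that separates the name from its parenthesis without changing the parse (comments, line breaks) or that hides the name inside a string literal makes the two disagree. The function names in DISALLOWED are an assumption for the example.

```python
"""Function-denylist check on SQL tokens rather than on raw text."""
import re

# Example denylist (assumption); Superset configures DISALLOWED_SQL_FUNCTIONS per engine.
DISALLOWED = {"version", "pg_sleep"}


def naive_is_blocked(sql):
    """Raw-text check: a denylisted name followed (modulo spaces) by '('."""
    return any(re.search(rf"\b{re.escape(fn)}\s*\(", sql, re.IGNORECASE)
               for fn in DISALLOWED)


# Minimal SQL tokenizer: comments and whitespace are invisible to the engine,
# string literals can never be function names, quoted identifiers keep their text.
TOKEN_RE = re.compile(r"""
    (?P<ws>\s+)
  | (?P<comment>--[^\n]*|/\*.*?\*/)
  | (?P<string>'(?:[^']|'')*')
  | (?P<qident>"(?:[^"]|"")*")
  | (?P<ident>[A-Za-z_][A-Za-z0-9_$]*)
  | (?P<punct>.)
""", re.VERBOSE | re.DOTALL)


def called_functions(sql):
    """Return the lower-cased names of every identifier immediately followed by '('.

    Schema qualifiers are handled naturally: in pg_catalog.version() the token
    before '(' is 'version'. Keywords such as SELECT or IN followed by '(' also
    land in the set; that only matters if a keyword is put on the denylist.
    """
    toks = [(m.lastgroup, m.group()) for m in TOKEN_RE.finditer(sql)
            if m.lastgroup not in ("ws", "comment")]
    calls = set()
    for (kind, text), (next_kind, next_text) in zip(toks, toks[1:]):
        if next_kind != "punct" or next_text != "(":
            continue
        if kind == "ident":
            calls.add(text.lower())
        elif kind == "qident":
            calls.add(text[1:-1].replace('""', '"').lower())
    return calls


def is_blocked(sql):
    """Token-based check: any called function on the denylist."""
    return bool(called_functions(sql) & DISALLOWED)


if __name__ == "__main__":
    for q in ("SELECT version()", "SELECT version/**/()", "SELECT 'version()' AS s"):
        print(f"{q!r}: naive={naive_is_blocked(q)} token={is_blocked(q)}")
```

The two checks disagree in both directions: the raw-text check misses "SELECT version/**/()" and "SELECT version -- note" followed by "()" on the next line, and it falsely blocks a harmless string literal containing "version()". A real deployment would run the same idea on a full parser's AST; the tokenizer here is only large enough to show why matching on text is the wrong layer.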

CVE-2025-55672 – Apache Superset: Stored XSS on charts metadata
https://notcve.org/view.php?id=CVE-2025-55672
14 Aug 2025 — A stored Cross-Site Scripting (XSS) vulnerability exists in Apache Superset's chart visualization. An authenticated user with permissions to edit charts can inject a malicious payload into a column's label. The payload is not properly sanitized and gets executed in the victim's browser when they hover over the chart, potentially leading to session hijacking or to arbitrary actions being performed in the application on behalf of the user. This issue affects Apache Superset: before 5.0.0. Users are recommended to upgrade to vers... • https://lists.apache.org/thread/rvh7fdjfzxzjhcfwoz7twc2brhvochdj • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •

CVE-2025-55673 – Apache Superset: Metadata exposure in embedded charts
https://notcve.org/view.php?id=CVE-2025-55673
14 Aug 2025 — When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly discloses database schema information, such as table names, to the low-privileged guest user. This issue affects Apache Superset: before 4.1.3. Users are recommended to upgrade to version 4.1.3, which fixes the issue. • https://lists.apache.org/thread/h2hw756wk4sj4z49blvzkr5fntl9hlf8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2025-54472 – Apache bRPC: Redis Parser Remote Denial of Service
https://notcve.org/view.php?id=CVE-2025-54472
14 Aug 2025 — Unlimited memory allocation in the Redis protocol parser in Apache bRPC (all versions < 1.14.1) on all platforms allows attackers to crash the service over the network. Root cause: the bRPC Redis protocol parser allocates memory for arrays or strings sized from integers read off the network. If the integer read from the network is too large, the allocation can fail with a bad alloc error and crash the process. Attackers can exploit this behaviour by sending special data packets to the ... • https://lists.apache.org/thread/r3xsy3wvs4kmfhc281173k5b6ll1xt2m • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
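The bug class is a length prefix that is trusted before any of the bytes it describes have arrived. The RESP parser below is an added example, not bRPC's code, showing the two checks that close it: a declared length is compared against a hard cap before anything is sized from it, and a bulk string is only ever sliced out of data already in the buffer, while arrays are grown element by element instead of being reserved from the element count. The bulk-string cap is redis-server's own proto-max-bulk-len default; the array and nesting caps are assumptions.

```python
"""RESP (Redis protocol) frame parser that never lets a network-supplied length size an allocation."""

MAX_BULK_LEN = 512 * 1024 * 1024   # redis-server's proto-max-bulk-len default
MAX_ARRAY_LEN = 1024 * 1024        # assumption: elements per array
MAX_DEPTH = 32                     # assumption: nested arrays


class RespError(ValueError):
    """Malformed or over-limit frame: the caller should drop the connection."""


class Incomplete(Exception):
    """Frame not fully received yet: keep buffering (the caller bounds the buffer)."""


def _read_line(buf, pos):
    end = buf.find(b"\r\n", pos)
    if end < 0:
        raise Incomplete()
    return buf[pos:end], end + 2


def _to_int(line):
    digits = line[1:] if line[:1] == b"-" else line
    if not digits.isdigit():          # rejects empty, '+', spaces, '_' and a second sign
        raise RespError("not an integer")
    if len(digits) > 19:              # wider than int64: would wrap in a C++ parser (CWE-190)
        raise RespError("integer too wide")
    return int(line)


def _read_length(buf, pos, limit):
    line, pos = _read_line(buf, pos)
    n = _to_int(line)
    # The untrusted size is validated before anything is sized from it.
    if n < -1 or n > limit:
        raise RespError(f"length {n} outside [-1, {limit}]")
    return n, pos


def parse(buf, pos=0, depth=0):
    """Parse one frame at buf[pos:]; return (value, new_pos)."""
    if depth > MAX_DEPTH:
        raise RespError("nesting too deep")
    if pos >= len(buf):
        raise Incomplete()
    kind, pos = buf[pos:pos + 1], pos + 1
    if kind == b"+":
        line, pos = _read_line(buf, pos)
        return line.decode("ascii", "replace"), pos
    if kind == b"-":
        line, pos = _read_line(buf, pos)
        return ("error", line.decode("ascii", "replace")), pos
    if kind == b":":
        line, pos = _read_line(buf, pos)
        return _to_int(line), pos
    if kind == b"$":
        n, pos = _read_length(buf, pos, MAX_BULK_LEN)
        if n == -1:
            return None, pos
        # Never reserve n bytes up front: only slice what has actually arrived.
        if len(buf) - pos < n + 2:
            raise Incomplete()
        if buf[pos + n:pos + n + 2] != b"\r\n":
            raise RespError("bulk string not CRLF-terminated")
        return bytes(buf[pos:pos + n]), pos + n + 2
    if kind == b"*":
        n, pos = _read_length(buf, pos, MAX_ARRAY_LEN)
        if n == -1:
            return None, pos
        items = []                    # grown per element, not pre-sized from n
        for _ in range(n):
            item, pos = parse(buf, pos, depth + 1)
            items.append(item)
        return items, pos
    raise RespError(f"unknown type byte {kind!r}")


def check_frame(buf):
    """Classify a frame as ('ok', value, consumed), ('incomplete', None, 0) or ('reject', reason, 0)."""
    try:
        value, consumed = parse(buf)
        return ("ok", value, consumed)
    except Incomplete:
        return ("incomplete", None, 0)
    except RespError as e:
        return ("reject", str(e), 0)


if __name__ == "__main__":
    # Constructed frames: a normal GET, and a bulk string claiming 1 TiB.
    print(check_frame(b"*2\r\n$3\r\nGET\r\n$3\r\nkey\r\n"))
    print(check_frame(b"$1099511627776\r\n"))
```

The Incomplete path is what keeps the array case honest: a client that announces a million elements still has to send each one, so memory grows with bytes received rather than with the number it declared, and the caller's buffer limit bounds the rest.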

CVE-2025-55668 – Apache Tomcat: session fixation via rewrite valve
https://notcve.org/view.php?id=CVE-2025-55668
13 Aug 2025 — Session Fixation vulnerability in Apache Tomcat via the rewrite valve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.7, from 10.1.0-M1 through 10.1.41, from 9.0.0.M1 through 9.0.105. Older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.8, 10.1.42 or 9.0.106, which fix the issue. • https://lists.apache.org/thread/v6bknr96rl7l1qxkl1c03v0qdvbbqs47 • CWE-384: Session Fixation •

CVE-2025-48989 – Apache Tomcat: h2 DoS - Made You Reset
https://notcve.org/view.php?id=CVE-2025-48989
13 Aug 2025 — Improper Resource Shutdown or Release vulnerability in Apache Tomcat made Tomcat vulnerable to the Made You Reset HTTP/2 attack. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.9, from 10.1.0-M1 through 10.1.43 and from 9.0.0.M1 through 9.0.107. Older, EOL versions may also be affected. Users are recommended to upgrade to one of versions 11.0.10, 10.1.44 or 9.0.108, which fix the issue. A flaw was found in Apache Tomcat where malformed client requests can trigger server-side stream resets without trig... • https://lists.apache.org/thread/9ydfg0xr0tchmglcprhxgwhj0hfwxlyf • CWE-400: Uncontrolled Resource Consumption CWE-404: Improper Resource Shutdown or Release •

CVE-2025-48913 – Apache CXF: Untrusted JMS configuration can lead to RCE
https://notcve.org/view.php?id=CVE-2025-48913
08 Aug 2025 — If untrusted users are allowed to configure JMS for Apache CXF, they could previously supply RMI or LDAP URLs (JNDI lookups), potentially leading to code execution. This interface is now restricted to reject those protocols, removing this possibility. Users are recommended to upgrade to versions 3.6.8, 4.0.9 or 4.1.3, which fix this issue. • https://lists.apache.org/thread/f1nv488ztc0js4g5ml2v88mzkzslyh83 • CWE-20: Improper Input Validation •