🛡️ CVE Vulnerability Database

CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia

CVE ID	Title / Description	Severity	CVSS	Status	Published
CVE-2024-38475	Apache HTTP Server Improper Escaping of Output Vulnerability — Ap… Apache HTTP Server Improper Escaping of Output Vulnerability — Apache HTTP Server contains an improp…	CRITICAL	9.0	⚡ ✅ KEV AI	May 1, 2025
CVE-2025-24813	Apache Tomcat Path Equivalence Vulnerability - Remote Code Execut… Apache Tomcat Path Equivalence Vulnerability — Apache Tomcat contains a path equivalence vulnerabili…	CRITICAL	9.0	⚡ ✅ KEV AI	Apr 1, 2025
CVE-2017-3066	Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion… Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion contains a deserialization vulnera…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 24, 2025
CVE-2024-45195	Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contain… Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contains a forced browsing vulnerability t…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 4, 2025
CVE-2024-27348	Critical RCE in Apache HugeGraph-Server via Improper Access Contr… Apache HugeGraph-Server Improper Access Control Vulnerability — Apache HugeGraph-Server contains an …	CRITICAL	9.0	⚡ ✅ KEV AI	Sep 18, 2024
CVE-2024-38856	Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz… Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz contains an incorrect authorizatio…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 27, 2024
CVE-2024-32113	Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains… Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains a path traversal vulnerability tha…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 7, 2024
CVE-2020-17519	Apache Flink Improper Access Control Vulnerability — Apache Flink… Apache Flink Improper Access Control Vulnerability — Apache Flink contains an improper access contro…	CRITICAL	9.0	⚡ ✅ KEV AI	May 23, 2024
CVE-2023-27524	Apache Superset Insecure Default Initialization of Resource Vulne… Apache Superset Insecure Default Initialization of Resource Vulnerability — Apache Superset contains…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 8, 2024
CVE-2023-46604	Apache ActiveMQ Deserialization of Untrusted Data Vulnerability —… Apache ActiveMQ Deserialization of Untrusted Data Vulnerability — Apache ActiveMQ contains a deseria…	CRITICAL	9.0	⚡ ✅ KEV AI	Nov 2, 2023
CVE-2023-33246	Apache RocketMQ Command Execution Vulnerability — Several compone… Apache RocketMQ Command Execution Vulnerability — Several components of Apache RocketMQ, including N…	CRITICAL	9.0	⚡ ✅ KEV AI	Sep 6, 2023
CVE-2023-38035	Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry… Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry, formerly known as MobileIron Sent…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 22, 2023
CVE-2016-8735	Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat… Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat contains an unspecified vulnerabil…	CRITICAL	9.0	⚡ ✅ KEV AI	May 12, 2023
CVE-2021-45046	Apache Log4j2 Deserialization of Untrusted Data Vulnerability — A… Apache Log4j2 Deserialization of Untrusted Data Vulnerability — Apache Log4j2 contains a deserializa…	CRITICAL	9.0	⚡ ✅ KEV AI	May 1, 2023
CVE-2022-33891	Apache Spark Command Injection Vulnerability — Apache Spark conta… Apache Spark Command Injection Vulnerability — Apache Spark contains a command injection vulnerabili…	CRITICAL	9.0	⚡ ✅ KEV	Mar 7, 2023
CVE-2022-47966	Zoho ManageEngine Multiple Products Remote Code Execution Vulnera… Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability — Multiple Zoho ManageEngine…	CRITICAL	9.0	⚡ ✅ KEV AI	Jan 23, 2023
CVE-2022-24706	Apache CouchDB Insecure Default Initialization of Resource Vulner… Apache CouchDB Insecure Default Initialization of Resource Vulnerability — Apache CouchDB contains a…	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 25, 2022
CVE-2022-24112	Apache APISIX Authentication Bypass Vulnerability — Apache APISIX… Apache APISIX Authentication Bypass Vulnerability — Apache APISIX contains an authentication bypass …	CRITICAL	9.0	⚡ ✅ KEV AI	Aug 25, 2022
CVE-2020-1956	Apache Kylin OS Command Injection Vulnerability — Apache Kylin co… Apache Kylin OS Command Injection Vulnerability — Apache Kylin contains an OS command injection vuln…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 25, 2022
CVE-2017-12617	Apache Tomcat Remote Code Execution Vulnerability — When running … Apache Tomcat Remote Code Execution Vulnerability — When running Apache Tomcat, it is possible to up…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 25, 2022
CVE-2017-12615	Apache Tomcat on Windows Remote Code Execution Vulnerability — Wh… Apache Tomcat on Windows Remote Code Execution Vulnerability — When running Apache Tomcat on Windows…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 25, 2022
CVE-2013-2251	Apache Struts OGNL Expression Remote Code Execution Vulnerability… Apache Struts Improper Input Validation Vulnerability — Apache Struts allows remote attackers to exe…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 25, 2022
CVE-2020-1938	Apache Tomcat Improper Privilege Management Vulnerability — Apach… Apache Tomcat Improper Privilege Management Vulnerability — Apache Tomcat treats Apache JServ Protoc…	CRITICAL	9.0	⚡ ✅ KEV AI	Mar 3, 2022
CVE-2017-9791	Apache Struts 1 Improper Input Validation Vulnerability — The Str… Apache Struts 1 Improper Input Validation Vulnerability — The Struts 1 plugin in Apache Struts might…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 10, 2022
CVE-2016-3088	Apache ActiveMQ Improper Input Validation Vulnerability — The Fil… Apache ActiveMQ Improper Input Validation Vulnerability — The Fileserver web application in Apache A…	CRITICAL	9.0	⚡ ✅ KEV AI	Feb 10, 2022

1 2 →

🤖 AI Analysis Active

AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.

1,706 CVEs analyzed

🔴 Recent Critical CVEs

9.8

9.8

9.8