🛡️ CVE Vulnerability Database
CVE vulnerabilities with bilingual AI analysis tailored for Saudi Arabia
| CVE ID | Title / Description | Severity | CVSS | Status | Published |
|---|---|---|---|---|---|
| CVE-2024-38475 |
Apache HTTP Server Improper Escaping of Output Vulnerability — Ap…
Apache HTTP Server Improper Escaping of Output Vulnerability — Apache HTTP Server contains an improp…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | May 1, 2025 |
| CVE-2025-24813 |
Apache Tomcat Path Equivalence Vulnerability - Remote Code Execut…
Apache Tomcat Path Equivalence Vulnerability — Apache Tomcat contains a path equivalence vulnerabili…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Apr 1, 2025 |
| CVE-2017-3066 |
Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion…
Adobe ColdFusion Deserialization Vulnerability — Adobe ColdFusion contains a deserialization vulnera…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Feb 24, 2025 |
| CVE-2024-45195 |
Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contain…
Apache OFBiz Forced Browsing Vulnerability — Apache OFBiz contains a forced browsing vulnerability t…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Feb 4, 2025 |
| CVE-2024-27348 |
Critical RCE in Apache HugeGraph-Server via Improper Access Contr…
Apache HugeGraph-Server Improper Access Control Vulnerability — Apache HugeGraph-Server contains an …
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Sep 18, 2024 |
| CVE-2024-38856 |
Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz…
Apache OFBiz Incorrect Authorization Vulnerability — Apache OFBiz contains an incorrect authorizatio…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Aug 27, 2024 |
| CVE-2024-32113 |
Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains…
Apache OFBiz Path Traversal Vulnerability — Apache OFBiz contains a path traversal vulnerability tha…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Aug 7, 2024 |
| CVE-2020-17519 |
Apache Flink Improper Access Control Vulnerability — Apache Flink…
Apache Flink Improper Access Control Vulnerability — Apache Flink contains an improper access contro…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | May 23, 2024 |
| CVE-2023-27524 |
Apache Superset Insecure Default Initialization of Resource Vulne…
Apache Superset Insecure Default Initialization of Resource Vulnerability — Apache Superset contains…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Jan 8, 2024 |
| CVE-2023-46604 |
Apache ActiveMQ Deserialization of Untrusted Data Vulnerability —…
Apache ActiveMQ Deserialization of Untrusted Data Vulnerability — Apache ActiveMQ contains a deseria…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Nov 2, 2023 |
| CVE-2023-33246 |
Apache RocketMQ Command Execution Vulnerability — Several compone…
Apache RocketMQ Command Execution Vulnerability — Several components of Apache RocketMQ, including N…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Sep 6, 2023 |
| CVE-2023-38035 |
Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry…
Ivanti Sentry Authentication Bypass Vulnerability — Ivanti Sentry, formerly known as MobileIron Sent…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Aug 22, 2023 |
| CVE-2016-8735 |
Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat…
Apache Tomcat Remote Code Execution Vulnerability — Apache Tomcat contains an unspecified vulnerabil…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | May 12, 2023 |
| CVE-2021-45046 |
Apache Log4j2 Deserialization of Untrusted Data Vulnerability — A…
Apache Log4j2 Deserialization of Untrusted Data Vulnerability — Apache Log4j2 contains a deserializa…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | May 1, 2023 |
| CVE-2022-33891 |
Apache Spark Command Injection Vulnerability — Apache Spark conta…
Apache Spark Command Injection Vulnerability — Apache Spark contains a command injection vulnerabili…
|
CRITICAL |
9.0
|
⚡ ✅ KEV | Mar 7, 2023 |
| CVE-2022-47966 |
Zoho ManageEngine Multiple Products Remote Code Execution Vulnera…
Zoho ManageEngine Multiple Products Remote Code Execution Vulnerability — Multiple Zoho ManageEngine…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Jan 23, 2023 |
| CVE-2022-24706 |
Apache CouchDB Insecure Default Initialization of Resource Vulner…
Apache CouchDB Insecure Default Initialization of Resource Vulnerability — Apache CouchDB contains a…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Aug 25, 2022 |
| CVE-2022-24112 |
Apache APISIX Authentication Bypass Vulnerability — Apache APISIX…
Apache APISIX Authentication Bypass Vulnerability — Apache APISIX contains an authentication bypass …
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Aug 25, 2022 |
| CVE-2020-1956 |
Apache Kylin OS Command Injection Vulnerability — Apache Kylin co…
Apache Kylin OS Command Injection Vulnerability — Apache Kylin contains an OS command injection vuln…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Mar 25, 2022 |
| CVE-2017-12617 |
Apache Tomcat Remote Code Execution Vulnerability — When running …
Apache Tomcat Remote Code Execution Vulnerability — When running Apache Tomcat, it is possible to up…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Mar 25, 2022 |
| CVE-2017-12615 |
Apache Tomcat on Windows Remote Code Execution Vulnerability — Wh…
Apache Tomcat on Windows Remote Code Execution Vulnerability — When running Apache Tomcat on Windows…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Mar 25, 2022 |
| CVE-2013-2251 |
Apache Struts OGNL Expression Remote Code Execution Vulnerability…
Apache Struts Improper Input Validation Vulnerability — Apache Struts allows remote attackers to exe…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Mar 25, 2022 |
| CVE-2020-1938 |
Apache Tomcat Improper Privilege Management Vulnerability — Apach…
Apache Tomcat Improper Privilege Management Vulnerability — Apache Tomcat treats Apache JServ Protoc…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Mar 3, 2022 |
| CVE-2017-9791 |
Apache Struts 1 Improper Input Validation Vulnerability — The Str…
Apache Struts 1 Improper Input Validation Vulnerability — The Struts 1 plugin in Apache Struts might…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Feb 10, 2022 |
| CVE-2016-3088 |
Apache ActiveMQ Improper Input Validation Vulnerability — The Fil…
Apache ActiveMQ Improper Input Validation Vulnerability — The Fileserver web application in Apache A…
|
CRITICAL |
9.0
|
⚡ ✅ KEV AI | Feb 10, 2022 |
🤖 AI Analysis Active
AI analysis includes: Arabic description, Saudi impact assessment, remediation steps, compliance mapping (NCA ECC, SAMA CSF, ISO 27001) and MITRE ATT&CK techniques.
🔴 Recent Critical CVEs
CVE-2026-20133
Apr 20, 2026
CVE-2026-20128
Apr 20, 2026
CVE-2026-20122
Apr 20, 2026
CVE-2025-48700
Apr 20, 2026
CVE-2025-32975
Apr 20, 2026
💡 Search Tips
CVE-2024-12345
Search by exact ID
apache
Search by product name
remote code execution
Search by vulnerability type
log4j
Search by common name
📡 Data Sources
NVD (NIST) · CIRCL
CISA KEV · ThreatFox
Feodo Tracker · AlienVault OTX
Auto-updated daily via cron