Ofbiz
by Apache
Take action — actively targeted
Ofbiz is actively targeted by attackers. A significant proportion of its known vulnerabilities are being exploited.
What to do
- Apply all available updates immediately
- Review your exposure — is this internet-facing?
- Monitor vendor advisories for this product
What Attackers Target
Vulnerabilities with high exploit probability
44.7%
Confirmed actively exploited (CISA)
6.4%
Public exploit code available
0.0%
Based on 47 known vulnerabilities. Percentages show the proportion that are actively dangerous — a low percentage means most vulnerabilities in this product are not being exploited.
Most Dangerous Vulnerabilities
| CVE | CVSS | Exploit Probability | Confirmed |
|---|---|---|---|
| CVE-2024-38856 | 9.8 | 94.4% | Yes |
| CVE-2021-26295 | 9.8 | 94.2% | — |
| CVE-2024-45195 | 7.5 | 94.1% | Yes |
| CVE-2021-30128 | 9.8 | 94.0% | — |
| CVE-2023-51467 | 9.8 | 94.0% | — |
| CVE-2024-32113 | 9.8 | 94.0% | Yes |
| CVE-2023-49070 | 9.8 | 94.0% | — |
| CVE-2020-9496 | 6.1 | 93.8% | — |
| CVE-2024-36104 | 9.1 | 92.9% | — |
| CVE-2021-29200 | 9.8 | 92.5% | — |
| CVE-2018-8033 | 7.5 | 92.2% | — |
| CVE-2024-45507 | 9.8 | 89.5% | — |
| CVE-2022-47501 | 7.5 | 86.3% | — |
| CVE-2020-1943 | 6.1 | 84.0% | — |
| CVE-2023-50968 | 7.5 | 83.9% | — |
| CVE-2011-3600 | 7.5 | 67.9% | — |
| CVE-2022-25813 | 7.5 | 60.1% | — |
| CVE-2019-0189 | 9.8 | 30.5% | — |
| CVE-2016-2170 | 9.8 | 14.9% | — |
| CVE-2022-29063 | 9.8 | 14.9% | — |
53
/ 100
high-risk
Active Threat
50/50 · Critical
Exploit Availability
3/50 · Minimal
Score uses Wilson score intervals to account for sample size. Products with few CVEs are scored conservatively.