Lucene search
K

869 matches found

Cvelist
Cvelist
added 2017/08/29 8:0 p.m.25 views

CVE-2017-3155

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to cross frame scripting...

6.1AI score0.01812EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.24 views

CVE-2017-3153

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Reflected XSS in the search functionality...

6.1AI score0.01955EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.25 views

CVE-2017-3151

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to Stored Cross-Site Scripting in the edit-tag functionality...

6AI score0.01919EPSS
Exploits0References2
CVE
CVE
added 2017/08/29 8:0 p.m.76 views

CVE-2017-3152

Apache Atlas is affected in versions 0.6.0-incubating and 0.7.0-incubating by a DOM-based XSS vulnerability in the edit-tag function. The CNVD entry describes an ability for a remote attacker to inject arbitrary web script or HTML, indicating browser-side script execution risk. The CVE entry conf...

6.1CVSS5.9AI score0.01955EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/29 8:0 p.m.82 views

CVE-2017-3150

Apache Atlas (v0.6.0-incubating and v0.7.0-incubating) is affected by an insecure cookie storage issue: cookies could be accessible to client-side scripts, exposing potentially sensitive data. This is documented across multiple sources (GHSA-WVMQ-W7M8-G9XM, OSV, CNVD, NVD entries). The CVE-2017-3...

6.1CVSS6.1AI score0.01954EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/29 8:0 p.m.76 views

CVE-2017-3153

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating are affected by a Reflected XSS vulnerability in the search functionality (CVE-2017-3153). The connected documents state the issue but do not provide root-cause details, exploit status, or remediation steps. No patch/version fix is speci...

6.1CVSS6AI score0.01955EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.22 views

CVE-2017-3152

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were found vulnerable to DOM XSS in the edit-tag functionality...

6.1AI score0.01955EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.29 views

CVE-2016-8752

Apache Atlas versions 0.6.0 incubating, 0.7.0 incubating, and 0.7.1 incubating allow access to the webapp directory contents by pointing to URIs like /js and /img...

7.5AI score0.02127EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.21 views

CVE-2017-3150

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookies that could be accessible to client-side script...

6.2AI score0.01954EPSS
Exploits0References2
CVE
CVE
added 2017/08/29 8:0 p.m.73 views

CVE-2017-3151

Apache Atlas CVE-2017-3151 affects versions 0.6.0-incubating and 0.7.0-incubating, with a Stored Cross-Site Scripting flaw in the edit-tag functionality. Root cause details are not elaborated beyond the XSS issue; no exploit specifics are provided in the connected documents. The impact is implied...

6.1CVSS5.9AI score0.01919EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/29 8:0 p.m.72 views

CVE-2017-3155

Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating are reported vulnerable to cross-site scripting (cross frame scripting). The connected documents confirm the affected product and vulnerability type but do not provide specific root-cause details, affected components, exploit information...

6.1CVSS6AI score0.01812EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/08/29 8:0 p.m.81 views

CVE-2017-3154

CVE-2017-3154 affects Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating. The underlying issue is that error responses reveal a stack trace, leading to information exposure. The available documents describe the vulnerability as an information-disclosure flaw but do not provide details on...

7.5CVSS6.7AI score0.02053EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/29 8:0 p.m.26 views

CVE-2017-3154

Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information...

6.8AI score0.02053EPSS
Exploits0References2
Openbugbounty
Openbugbounty
added 2017/08/04 7:2 p.m.8 views

atlasrealtyinc.com XSS vulnerability

Vulnerable URL: http://www.atlasrealtyinc.com/%3Cimg%20src=x%20onerror=alert'openbugbounty'%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 05.11.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/06/17 2:50 p.m.8 views

tampabay.wateratlas.usf.edu XSS vulnerability

Vulnerable URL: http://www.tampabay.wateratlas.usf.edu/coastal/waterquality.asp?wbodyatlas=gulf=1/-///'/"//--...

6.9AI score
Exploits0
CNVD
CNVD
added 2017/05/27 12:0 a.m.4 views

Apache Atlas Information Disclosure Vulnerability

Apache Atlas is a set of scalable and extensible core functional governance services from the Apache USA Software Foundation. An information disclosure vulnerability exists in Apache Atlas versions 0.6.0, 0.7.0, and 0.7.1. An attacker could exploit the vulnerability to obtain sensitive informatio...

7.5CVSS6.1AI score0.02127EPSS
Exploits0References1
Veracode
Veracode
added 2017/05/24 2:54 a.m.17 views

Directory Traversal

Apache Atlas is vulnerable to directory traversal attacks. The attacks can be triggered because it does not properly handle URI input from the users, allowing an unauthorized access to webapp directory by using direct URIs such as /js or /img...

7.5CVSS7.4AI score0.02127EPSS
Exploits0References1Affected Software1
Veracode
Veracode
added 2017/05/09 2:29 a.m.22 views

Cross-Site Scripting (XSS)

atlas-dashboardv2 is vulnerable to reflected cross-site scripting XSS attacks. The search function does not sanitize the search queries that are passed to the application, allowing a malicious user to inject and execute arbitrary javascript...

6.1CVSS6AI score0.01955EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2017/05/09 1:53 a.m.16 views

Cross Frame Scripting

atlas-dashboardv2 is vulnerable to cross frame scripting. The library allows the use of external frames on the index page, allowing a malicious user to inject and execute arbitrary javascript via an iframe...

6.1CVSS6.4AI score0.01812EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2017/05/08 3:24 p.m.22 views

Information Disclosure

atlas-webapp is vulnerable to information disclosure. The library prints sensitive information in its stack trace error logs. A malicious user can then access sensitive information stored on these logs...

7.5CVSS7AI score0.02053EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder