EUVD-2018-19725

Malware in sbrugna...

EUVD-2018-19715

Malware in sbrugna...

CVE-2025-23195 Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie

An XML External Entity XXE vulnerability exists in the Ambari/Oozie project, allowing an attacker to inject malicious XML entities. This vulnerability occurs due to insecure parsing of XML input using the DocumentBuilderFactory class without disabling external entity resolution. An attacker can...

PT-2024-2027 · Apache · Apache Ambari

Name of the Vulnerable Software and Affected Versions: Apache Ambari versions prior to 2.7.8 Description: The issue is related to a lack of proper input validation and constraint enforcement, which could be exploited to perform unauthorized actions, including data access, session hijacking, and...

Apache Ambari Arbitrary File Download Vulnerability

Apache Ambari is a web-based tool that supports provisioning, management and monitoring of Apache Hadoop clusters. An arbitrary file download vulnerability exists in Apache Ambari 2.6.2.2 and earlier versions. An attacker can exploit this vulnerability by constructing filenames to traverse other...