CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

GithubExploit•added 2026/05/30 2:44 a.m.•54 views

Exploit for CVE-2026-46716

CVE-2026-46716 — Nezha Monitoring Cross-Tenant RCE via Cron AP...

6.3AI score

Exploits1

Veracode•added 2024/04/12 5:42 p.m.•24 views

Improper Input Validation

Apache Zeppelin is vulnerable to Improper Input Validation. The vulnerability is due to the cron API with invalid or improper privileges, allowing the notebook to run with elevated privileges. This vulnerability can be exploited by attackers to escalate their privileges and potentially gain...

6.5CVSS7.5AI score0.00623EPSS

Exploits0References5Affected Software1

OSV•added 2024/04/09 6:30 p.m.•16 views

GHSA-G44M-X5H7-FR5Q Apache Zeppelin: Cron arbitrary user impersonation with improper privileges

Improper Input Validation vulnerability in Apache Zeppelin. The attackers can call updating cron API with invalid or improper privileges so that the notebook can run with the privileges. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version...

5.4CVSS6.4AI score0.00623EPSS

Exploits0References6

NVD•added 2024/04/09 4:15 p.m.•12 views

CVE-2024-31865

6.5CVSS6.5AI score0.00623EPSS

Exploits0References3

CVE•added 2024/04/09 4:7 p.m.•92 views

CVE-2024-31865

CVE-2024-31865 affects Apache Zeppelin due to an Improper Input Validation in the cron API, allowing arbitrary user impersonation with insufficient privileges. Affected versions are 0.8.2 up to before 0.11.1; upgrading to 0.11.1 or later fixes the issue. The CVE entry and linked sources (Red Hat,...

6.5CVSS6.5AI score0.00623EPSS

Exploits0References3Affected Software1