Lucene search
K

177 matches found

OSV
OSV
added 2019/06/21 3:15 p.m.2 views

CVE-2018-15665

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5.3CVSS5.8AI score0.01195EPSS
Exploits0References2
Prion
Prion
added 2019/06/21 3:15 p.m.12 views

Design/Logic Flaw

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5CVSS5.3AI score0.01195EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/06/21 2:18 p.m.300 views

CVE-2018-15665

CDSW (Cloudera Data Science Workbench) is affected for versions 1.2.x through 1.4.0. The issue allows unauthenticated users to obtain a list of user accounts, constituting an information-disclosure vulnerability. The available connected sources confirm the affected product and vulnerable behavior...

5.3CVSS5.3AI score0.01195EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/06/21 2:18 p.m.20 views

CVE-2018-15665

An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...

5.3AI score0.01195EPSS
Exploits0References2
CNVD
CNVD
added 2019/06/10 12:0 a.m.2 views

Cloudera Data Science Workbench SQL Injection Vulnerability

Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. A SQL injection vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems fr...

9.9CVSS8.2AI score0.01009EPSS
Exploits0References1
NVD
NVD
added 2019/06/07 4:29 p.m.22 views

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

9.9CVSS9.4AI score0.01009EPSS
Exploits0References2
Prion
Prion
added 2019/06/07 4:29 p.m.22 views

Sql injection

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

6.5CVSS9.3AI score0.01009EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/06/07 4:29 p.m.5 views

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

9.9CVSS5.9AI score0.01009EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/06/07 3:50 p.m.20 views

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

9.4AI score0.01009EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/06/05 2:8 p.m.155 views

Why Election Trust is Dwindling in a Post-Cambridge Analytica World

LONDON, UK – The 2018 Facebook-Cambridge Analytica incident opened the world’s eyes to how much private user data was being collected, shared and sold. But experts worry that future ramifications of this scandal go way beyond Facebook and have created distrust in the election process as a whole...

6.8AI score
Exploits0References4
FireEye
FireEye
added 2019/05/29 2:30 p.m.20 views

Learning to Rank Strings Output for Speedier Malware Analysis

Reverse engineers, forensic investigators, and incident responders have an arsenal of tools at their disposal to dissect malicious software binaries. When performing malware analysis, they successively apply these tools in order to gradually gather clues about a binary’s function, design detectio...

7.2AI score
Exploits0References9
CNVD
CNVD
added 2019/04/01 12:0 a.m.3 views

TIBCO Data Science Unauthorized Modification Vulnerability

TIBCO Spotfire Data Science is a data analytics platform. A security vulnerability exists in TIBCO Spotfire Data Science, which can be exploited by a remote attacker to submit a special request that can delete or modify data with elevated privileges...

8.1CVSS7.2AI score0.0178EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/01 12:0 a.m.2 views

TIBCO Data Science Cross-Site Request Forgery Vulnerability

TIBCO Spotfire Data Science is a data analytics platform. A security vulnerability exists in TIBCO Spotfire Data Science that can be exploited by an attacker to submit a special request that can spoof information about other users...

5CVSS6.8AI score0.0125EPSS
Exploits0References1
NVD
NVD
added 2019/03/26 6:29 p.m.16 views

CVE-2019-8989

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...

5CVSS4.7AI score0.0125EPSS
Exploits0References3
OSV
OSV
added 2019/03/26 6:29 p.m.5 views

CVE-2019-8987

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...

5.4CVSS6.5AI score0.01131EPSS
Exploits0References3
NVD
NVD
added 2019/03/26 6:29 p.m.14 views

CVE-2019-8987

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...

7.6CVSS6AI score0.01131EPSS
Exploits0References3
OSV
OSV
added 2019/03/26 6:29 p.m.3 views

CVE-2019-8989

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...

4.3CVSS5.8AI score0.0125EPSS
Exploits0References3
NVD
NVD
added 2019/03/26 6:29 p.m.20 views

CVE-2019-8988

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...

8.1CVSS7AI score0.0178EPSS
Exploits0References3
OSV
OSV
added 2019/03/26 6:29 p.m.5 views

CVE-2019-8988

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...

8.1CVSS6.6AI score0.0178EPSS
Exploits0References3
Prion
Prion
added 2019/03/26 6:29 p.m.19 views

Design/Logic Flaw

The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...

4CVSS4.7AI score0.0125EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder