6 matches found

vulnersOsv
added 2025/08/03 12:30 p.m., 2 views

org.apache.zeppelin:zeppelin-flink-cmd (>=0.10.0 <=0.11.2), org.apache.zeppelin:zeppelin-spark-submit (>=0.10.0 <=0.11.2) +1 more potentially affected by CVE-2024-51775 via org.apache.zeppelin:zeppelin-shell (>=0.10.0 <=0.11.2)

org.apache.zeppelin:zeppelin-shell MAVEN version =0.10.0, =0.10.0, =0.10.0, =0.10.0, =0.11.2 Source cves: CVE-2024-51775 Source advisory: SNYK:JAVA-ORGAPACHEZEPPELIN-11444035...

CVSS 7.5, AI score 5.8, EPSS 0.00205
Exploits: 0

IBM Security Bulletins
added 2023/10/11 2:19 p.m., 44 views

Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.

Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...

CVSS 9.9, AI score 8.9, EPSS 0.92277
Exploits: 12, Affected Software: 1

Tenable Nessus
added 2023/10/04 12:0 a.m., 22 views

Apache Spark < 3.4.0 Privilege Escalation (CVE-2023-22946)

In Apache Spark versions prior to 3.4.0, applications using spark-submit can specify a 'proxy-user' to run as, limiting privileges. The application can execute code with the privileges of the submitting user, however, by providing malicious configuration-related classes on the classpath. This...

CVSS 9.9, AI score 8.2, EPSS 0.00439
Exploits: 0, References: 2

Positive Technologies
added 2023/04/15 12:0 a.m., 5 views

PT-2023-8745 · Apache · Apache Spark

Name of the Vulnerable Software and Affected Versions: Apache Spark versions prior to 3.4.0 Description: The issue is related to insecure privilege management in the spark-submit function of Apache Spark. This allows an application to execute code with the privileges of the submitting user by...

CVSS 9.9, AI score 8.5, EPSS 0.00439
Exploits: 0, References: 20

Prion
added 2017/09/13 4:29 p.m., 16 views

Deserialization of untrusted data

In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the loc...

CVSS 7.2, AI score 7.9, EPSS 0.00066
Exploits: 0, References: 2, Affected Software: 1

Cvelist
added 2017/09/13 4:0 p.m., 14 views

CVE-2017-12612

In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the loc...

AI score 7.9, EPSS 0.00066
Exploits: 0, References: 2