Lucene search
+L

1178 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/13 3:23 p.m.5 views

CVE-2025-60012

Malicious configuration can lead to unauthorized file access in Apache Livy. This issue affects Apache Livy 0.7.0 and 0.8.0 when connecting to Apache Spark 3.1 or later. A request that includes a Spark configuration value supported from Apache Spark version 3.1 can lead to users gaining access to...

6.3CVSS5.8AI score0.00488EPSS
Exploits1References2
CVE
CVE
added 2026/03/13 3:23 p.m.14 views

CVE-2025-60012

CVE-2025-60012 (Apache Livy) : A vulnerability affecting Livy 0.7.0–0.8.0 when connected to Spark 3.1+, enabling unauthorized local file access via crafted Spark configuration values. Root causes (in vulnerable versions): (1) missing validation for spark.archives not added to Livy’s hardcoded fil...

6.3CVSS5.8AI score0.00488EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.8 views

Apache Livy 输入验证错误漏洞

Apache Livy is the United States Apache Apache Foundation, an application server . Provides support for programmatic , fault-tolerant , multi-tenant submission of Spark jobs from Web, mobile applications . Apache Livy suffers from an input validation error vulnerability. The vulnerability stems...

6.3CVSS5.8AI score0.00488EPSS
Exploits1References2
Wolfi
Wolfi
added 2026/03/12 7:48 a.m.9 views

CVE-2026-24281 vulnerabilities

Vulnerabilities for packages: apache-activemq-artemis, apache-pulsar, spark, strimzi-kafka-operator, zookeeper, akhq, trino, solr, apache-nifi, kserve-modelmesh...

7.4CVSS8.1AI score0.00633EPSS
Exploits0
Wolfi
Wolfi
added 2026/03/12 7:48 a.m.5 views

GHSA-7XRH-HQFC-G7QR vulnerabilities

Vulnerabilities for packages: apache-activemq-artemis, apache-pulsar, spark, strimzi-kafka-operator, zookeeper, akhq, trino, solr, apache-nifi, kserve-modelmesh...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/03/12 7:18 a.m.7 views

CVE-2026-24281 vulnerabilities

Vulnerabilities for packages: apache-activemq-artemis, spark, zookeeper, zookeeper-fips, apache-nifi, wso2is, kafka, strimzi-kafka-operator, kserve-modelmesh, solr, apache-pulsar-fips, spark-kubernetes-operator, spark-kubernetes-operator-fips, akhq, seata, apache-pulsar, trino, spark-fips...

7.4CVSS8.1AI score0.00633EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/12 7:18 a.m.3 views

GHSA-7XRH-HQFC-G7QR vulnerabilities

Vulnerabilities for packages: apache-activemq-artemis, spark, zookeeper, zookeeper-fips, apache-nifi, wso2is, kafka, strimzi-kafka-operator, kserve-modelmesh, solr, apache-pulsar-fips, spark-kubernetes-operator, spark-kubernetes-operator-fips, akhq, seata, apache-pulsar, trino, spark-fips...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.5 views

GHSA-J3GX-2473-5FP8 vulnerabilities

Vulnerabilities for packages: dask-gateway, cloudflared, litefs, flux-notification-controller, kube-arangodb, flux-image-reflector-controller, fscrypt, argocd-image-updater, gitlab-runner, kafkaexporter, speedtest-go, kafka-proxy, kpt, github-mcp-server, runc, crossplane-provider-aws-ec2,...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.8 views

GHSA-RV83-G57W-FR8J vulnerabilities

Vulnerabilities for packages: dask-gateway, cloudflared, litefs, flux-notification-controller, kube-arangodb, flux-image-reflector-controller, fscrypt, argocd-image-updater, gitlab-runner, kafkaexporter, speedtest-go, kafka-proxy, kpt, checksec, github-mcp-server, runc, crossplane-provider-aws-ec...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/03/10 1:48 p.m.19 views

CVE-2026-25679 vulnerabilities

Vulnerabilities for packages: dask-gateway, cloudflared, litefs, flux-notification-controller, kube-arangodb, flux-image-reflector-controller, fscrypt, argocd-image-updater, gitlab-runner, kafkaexporter, speedtest-go, kafka-proxy, kpt, github-mcp-server, runc, crossplane-provider-aws-ec2,...

7.5CVSS7.6AI score0.00728EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/07 9:30 a.m.7 views

ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +1220 more potentially affected by CVE-2026-24308 via org.apache.zookeeper:zookeeper (>=3.8.0 <=3.8.5)

org.apache.zookeeper:zookeeper MAVEN version =3.8.0, =3.10.0.5, =0.1.0, =0.2.6, =0.0.33, =0.0.82, =0.0.33, =0.0.33, =0.0.33, =0.6.2, =0.6.0, =0.7.1 and more Source cves: CVE-2026-24308 Source advisory: OSV:GHSA-CRHR-QQJ8-RPXC...

7.5CVSS7.1AI score0.01177EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/07 9:30 a.m.7 views

ai.catboost:catboost-spark_3.2_2.12 (>=1.0.6 <=1.2.10), ai.catboost:catboost-spark_3.2_2.13 (>=1.0.6 <=1.2.10) +5260 more potentially affected by CVE-2026-24308 via org.apache.zookeeper:zookeeper (>=3.5.2-alpha <=3.8.5)

org.apache.zookeeper:zookeeper MAVEN version =3.5.2-alpha, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =0.0.25, =0.0.25, =0.0.25, =0.20.0, =0.21.0 and more Source cves: CVE-2026-24308 Source advisory: SNYK:JAVA-ORGAPACHEZOOKEEPER-15443353...

7.5CVSS7.1AI score0.01177EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/03/07 9:30 a.m.11 views

ai.catboost:catboost-spark_4.0_2.13 (=1.2.10), ai.catboost:catboost-spark_4.1_2.13 (=1.2.10) +1220 more potentially affected by CVE-2026-24281 via org.apache.zookeeper:zookeeper (>=3.8.0 <=3.8.5)

org.apache.zookeeper:zookeeper MAVEN version =3.8.0, =3.10.0.5, =0.1.0, =0.2.6, =0.0.33, =0.0.82, =0.0.33, =0.0.33, =0.0.33, =0.6.2, =0.6.0, =0.7.1 and more Source cves: CVE-2026-24281 Source advisory: OSV:GHSA-7XRH-HQFC-G7QR...

7.4CVSS7.2AI score0.00633EPSS
Exploits0
Wolfi
Wolfi
added 2026/03/06 1:48 p.m.7 views

CVE-2025-12183 vulnerabilities

Vulnerabilities for packages: debezium-connector-db2, cassandra, debezium-connector-ibmi, debezium-connector-spanner, debezium-connector-vitess, strimzi-kafka-operator, debezium, kafka, debezium-connector-informix, zipkin, spark...

8.8CVSS6.9AI score0.00661EPSS
Exploits0
Wolfi
Wolfi
added 2026/03/06 1:48 p.m.5 views

GHSA-VQF4-7M7X-WGFC vulnerabilities

Vulnerabilities for packages: debezium-connector-db2, cassandra, debezium-connector-ibmi, debezium-connector-spanner, debezium-connector-vitess, strimzi-kafka-operator, debezium, kafka, debezium-connector-informix, zipkin, spark...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/03/06 1:39 p.m.8 views

CVE-2025-12183 vulnerabilities

Vulnerabilities for packages: debezium-connector-ibmi, elasticsearch, strimzi-kafka-operator, kafbat-ui-fips, opensearch, elasticsearch-fips, kafka, debezium, cassandra, kafka-fips, debezium-connector-spanner, debezium-connector-informix, cassandra-fips, zipkin, knative-kafka-broker, kafbat-ui,...

8.8CVSS6.9AI score0.00661EPSS
Exploits0
Chainguard
Chainguard
added 2026/03/06 1:39 p.m.7 views

GHSA-VQF4-7M7X-WGFC vulnerabilities

Vulnerabilities for packages: debezium-connector-ibmi, elasticsearch, strimzi-kafka-operator, kafbat-ui-fips, opensearch, elasticsearch-fips, kafka, debezium, cassandra, kafka-fips, debezium-connector-spanner, debezium-connector-informix, cassandra-fips, zipkin, knative-kafka-broker, kafbat-ui,...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/05 1:57 a.m.7 views

CVE-2026-26673

An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem...

7.5CVSS6AI score0.00372EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/04 6:31 p.m.8 views

EUVD-2026-9420

An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem...

7.5CVSS6AI score0.00372EPSS
Exploits1References2
OSV
OSV
added 2026/03/04 4:16 p.m.7 views

CVE-2026-26673

An issue in DJI Mavic Mini, Spark, Mavic Air, Mini, Mini SE 0.1.00.0500 and below allows a remote attacker to cause a denial of service via the DJI Enhanced-WiFi transmission subsystem...

7.5CVSS5.9AI score0.00372EPSS
Exploits1References1
Rows per page
Query Builder