
24 matches found

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2016-0760

Malware in sbrugna...

CVSS 4.9 | AI score 5.1 | EPSS 0.00201
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2022-0976

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.5 | EPSS 0.0011
Exploits: 0 | References: 36

OSV
added 2024/03/06 11:7 a.m. | 25 views

BIT-SOLR-2020-9492

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0 to 3.1.3, and 2.0.0 to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 7.2 | EPSS 0.0011
Exploits: 0 | References: 17

SUSE CVE
added 2023/02/15 4:0 a.m. | 1 view

SUSE CVE-2020-9492

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 8.8 | EPSS 0.0011
Exploits: 0 | References: 3

RedHat Linux
added 2022/07/19 1:40 p.m. | 2 views

hadoop: WebHDFS client might send SPNEGO authorization header

A flaw was found in Apache Hadoop. The WebHDFS client can send a SPNEGO authorization header to a remote URL without proper verification, which could lead to an access restriction bypass. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 8.8 | AI score 7.2 | EPSS 0.0011
Exploits: 0 | References: 6

Github Security Blog
added 2022/02/09 10:17 p.m. | 32 views

Improper Privilege Management in Apache Hadoop

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 8.9 | EPSS 0.0011
Exploits: 0 | References: 19 | Affected Software: 1

OSV
added 2022/02/09 10:17 p.m. | 0 views

GHSA-F8VC-WFC8-HXQH Improper Privilege Management in Apache Hadoop

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 7.2 | EPSS 0.0011
Exploits: 0 | References: 19

OSV
added 2021/05/30 11:2 a.m. | 1 view

OESA-2021-1201 hadoop security update

Apache Hadoop is a framework that allows for the distributed processing of large data sets across clusters of computers using simple programming models. It is designed to scale up from single servers to thousands of machines, each offering local computation and storage. Security Fixes: In Apache...

CVSS 8.8 | AI score 8.5 | EPSS 0.0011
Exploits: 0 | References: 2

RedhatCVE
added 2021/02/04 4:52 p.m. | 50 views

CVE-2020-9492

A flaw was found in Apache Hadoop. The WebHDFS client can send a SPNEGO authorization header to a remote URL without proper verification, which could lead to an access restriction bypass. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 8.8 | AI score 2 | EPSS 0.0011
Exploits: 0 | References: 5

CNVD
added 2021/02/03 12:0 a.m. | 6 views

Unspecified Vulnerability in Apache Hadoop

Apache Hadoop is an open source distributed systems infrastructure from the U.S. Apache Foundation. The product is capable of distributed processing of large amounts of data and is characterized by high reliability, high scalability, and high fault tolerance. A security...

CVSS 8.8 | AI score 6.6 | EPSS 0.0011
Exploits: 0 | References: 1

OSV
added 2021/01/26 6:16 p.m. | 27 views

CVE-2020-9492

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 6.7
Exploits: 0 | References: 16

NVD
added 2021/01/26 6:16 p.m. | 17 views

CVE-2020-9492

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

CVSS 8.8 | AI score 9.2 | EPSS 0.0011
Exploits: 0 | References: 16

Cvelist
added 2021/01/26 12:55 p.m. | 21 views

CVE-2020-9492

In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification...

AI score 9.1 | EPSS 0.0011
Exploits: 0 | References: 16

CVE
added 2021/01/26 12:55 p.m. | 151 views

CVE-2020-9492

CVE-2020-9492 : In Hadoop, the WebHDFS client may send a SPNEGO authorization header to a remote URL without proper verification. Affected are Hadoop releases: 3.2.0–3.2.1, 3.0.0-alpha1–3.1.3, and 2.0.0-alpha–2.10.0. The description in the initial document directly states the header could be sent...

CVSS 8.8 | AI score 8.4 | EPSS 0.0011
Exploits: 0 | References: 16 | Affected Software: 2

Positive Technologies
added 2021/01/26 12:0 a.m. | 1 view

PT-2021-12856 · Apache · Apache Hadoop

Name of the Vulnerable Software and Affected Versions: Apache Hadoop versions 2.0.0-alpha through 2.10.0; Apache Hadoop versions 3.0.0-alpha1 through 3.1.3; Apache Hadoop versions 3.2.0 through 3.2.1. Description: The WebHDFS client in Apache Hadoop might send an SPNEGO authorization header to a...

CVSS 8.8 | AI score 8.3 | EPSS 0.0011
Exploits: 0 | References: 39

CNNVD
added 2021/01/26 12:0 a.m. | 1 view

Apache Hadoop Security Vulnerability

Apache Hadoop is an open source distributed systems infrastructure from the U.S. Apache Foundation. The product is capable of distributed processing of large amounts of data and is characterized by high reliability, high scalability, and high fault tolerance. A security...

CVSS 8.8 | AI score 6.8 | EPSS 0.00348
Exploits: 3 | References: 30

Veracode
added 2017/05/27 3:13 a.m. | 25 views

Escalation Of Privileges

Apache Knox is vulnerable to privilege escalation. This is possible due to a flaw in the handling of authentication in WebHDFS through Knox. It allows authenticated users to impersonate another user and potentially access unauthorized data or escalate privileges. The attack attempts are logged an...

CVSS 6.8 | AI score 6.8 | EPSS 0.00072
Exploits: 0 | References: 4 | Affected Software: 1

NVD
added 2017/05/26 9:29 p.m. | 15 views

CVE-2017-5646

For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While this activity is audit logged and can be...

CVSS 6.8 | AI score 6.5 | EPSS 0.00072
Exploits: 0 | References: 3

OSV
added 2017/05/26 9:29 p.m. | 14 views

CVE-2017-5646

For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially crafted URL to impersonate another user while accessing WebHDFS through Apache Knox. This may result in escalated privileges and unauthorized data access. While this activity is audit logged and can be...

CVSS 6.8 | AI score 6.7
Exploits: 0 | References: 3

seebug.org
added 2017/04/24 12:0 a.m. | 32 views

Hadoop HDFSBrowser information disclosure

Browsing the HDFS datalake. Description: There are 2 different and distinct approaches to browse the HDFS datalake: A. Through the WebHDFS API; B. Through the native Hadoop CLI. WebHDFS: WebHDFS offers REST API for users to access data on the HDFS...

AI score 7.1
Exploits: 0