Export limit exceeded: 352353 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2931 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25168 | 1 Apache | 1 Hadoop | 2024-11-21 | 9.8 Critical |
| Apache Hadoop's FileUtil.unTar(File, File) API does not escape the input file name before being passed to the shell. An attacker can inject arbitrary commands. This is only used in Hadoop 3.3 InMemoryAliasMap.completeBootstrapTransfer, which is only ever run by a local user. It has been used in Hadoop 2.x for yarn localization, which does enable remote code execution. It is used in Apache Spark, from the SQL command ADD ARCHIVE. As the ADD ARCHIVE command adds new binaries to the classpath, being able to execute shell scripts does not confer new permissions to the caller. SPARK-38305. "Check existence of file before untarring/zipping", which is included in 3.3.0, 3.1.4, 3.2.2, prevents shell commands being executed, regardless of which version of the hadoop libraries are in use. Users should upgrade to Apache Hadoop 2.10.2, 3.2.4, 3.3.3 or upper (including HADOOP-18136). | ||||
| CVE-2022-25167 | 1 Apache | 1 Flume | 2024-11-21 | 9.8 Critical |
| Apache Flume versions 1.4.0 through 1.9.0 are vulnerable to a remote code execution (RCE) attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI to allow only the use of the java protocol or no protocol. | ||||
| CVE-2022-24969 | 1 Apache | 1 Dubbo | 2024-11-21 | 6.1 Medium |
| bypass CVE-2021-25640 > In Apache Dubbo prior to 2.6.12 and 2.7.15, the usage of parseURL method will lead to the bypass of the white host check which can cause open redirect or SSRF vulnerability. | ||||
| CVE-2022-24948 | 1 Apache | 1 Jspwiki | 2024-11-21 | 6.1 Medium |
| A carefully crafted user preferences for submission could trigger an XSS vulnerability on Apache JSPWiki, related to the user preferences screen, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.2 or later. | ||||
| CVE-2022-24947 | 1 Apache | 1 Jspwiki | 2024-11-21 | 8.8 High |
| Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later. | ||||
| CVE-2022-24294 | 1 Apache | 1 Mxnet | 2024-11-21 | 7.5 High |
| A regular expression used in Apache MXNet (incubating) is vulnerable to a potential denial-of-service by excessive resource consumption. The bug could be exploited when loading a model in Apache MXNet that has a specially crafted operator name that would cause the regular expression evaluation to use excessive resources to attempt a match. This issue affects Apache MXNet versions prior to 1.9.1. | ||||
| CVE-2022-24289 | 1 Apache | 1 Cayenne | 2024-11-21 | 8.8 High |
| Hessian serialization is a network protocol that supports object-based transmission. Apache Cayenne's optional Remote Object Persistence (ROP) feature is a web services-based technology that provides object persistence and query functionality to 'remote' applications. In Apache Cayenne 4.1 and earlier, running on non-current patch versions of Java, an attacker with client access to Cayenne ROP can transmit a malicious payload to any vulnerable third-party dependency on the server. This can result in arbitrary code execution. | ||||
| CVE-2022-24288 | 1 Apache | 1 Airflow | 2024-11-21 | 8.8 High |
| In Apache Airflow, prior to version 2.2.4, some example DAGs did not properly sanitize user-provided params, making them susceptible to OS Command Injection from the web UI. | ||||
| CVE-2022-24070 | 5 Apache, Apple, Debian and 2 more | 7 Subversion, Macos, Debian Linux and 4 more | 2024-11-21 | 7.5 High |
| Subversion's mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. | ||||
| CVE-2022-23974 | 1 Apache | 1 Pinot | 2024-11-21 | 7.5 High |
| In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release 0.10.0 fixes this. See https://docs.pinot.apache.org/basics/releases/0.10.0 | ||||
| CVE-2022-23945 | 1 Apache | 1 Shenyu | 2024-11-21 | 7.5 High |
| Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | ||||
| CVE-2022-23944 | 1 Apache | 1 Shenyu | 2024-11-21 | 9.1 Critical |
| User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1. | ||||
| CVE-2022-23942 | 1 Apache | 1 Doris | 2024-11-21 | 7.5 High |
| Apache Doris, prior to 1.0.0, used a hardcoded key and IV to initialize the cipher used for ldap password, which may lead to information disclosure. | ||||
| CVE-2022-23913 | 3 Apache, Netapp, Redhat | 9 Activemq Artemis, Active Iq Unified Manager, Oncommand Workflow Automation and 6 more | 2024-11-21 | 7.5 High |
| In Apache ActiveMQ Artemis prior to 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory. | ||||
| CVE-2022-23437 | 4 Apache, Netapp, Oracle and 1 more | 31 Xerces-j, Active Iq Unified Manager, Agile Engineering Data Management and 28 more | 2024-11-21 | 6.5 Medium |
| There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions. | ||||
| CVE-2022-23223 | 1 Apache | 1 Shenyu | 2024-11-21 | 7.5 High |
| On Apache ShenYu versions 2.4.0 and 2.4.1, and endpoint existed that disclosed the passwords of all users. Users are recommended to upgrade to version 2.4.2 or later. | ||||
| CVE-2022-23206 | 1 Apache | 1 Traffic Control | 2024-11-21 | 7.5 High |
| In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, an unprivileged user who can reach Traffic Ops over HTTPS can send a specially-crafted POST request to /user/login/oauth to scan a port of a server that Traffic Ops can reach. | ||||
| CVE-2022-23181 | 4 Apache, Debian, Oracle and 1 more | 10 Tomcat, Debian Linux, Agile Engineering Data Management and 7 more | 2024-11-21 | 7.0 High |
| The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to persist sessions using the FileStore. | ||||
| CVE-2022-22932 | 2 Apache, Redhat | 2 Karaf, Jboss Fuse | 2024-11-21 | 5.3 Medium |
| Apache Karaf obr:* commands and run goal on the karaf-maven-plugin have partial path traversal which allows to break out of expected folder. The risk is low as obr:* commands are not very used and the entry is set by user. This has been fixed in revision: https://gitbox.apache.org/repos/asf?p=karaf.git;h=36a2bc4 https://gitbox.apache.org/repos/asf?p=karaf.git;h=52b70cf Mitigation: Apache Karaf users should upgrade to 4.2.15 or 4.3.6 or later as soon as possible, or use correct path. JIRA Tickets: https://issues.apache.org/jira/browse/KARAF-7326 | ||||
| CVE-2022-22931 | 1 Apache | 1 James | 2024-11-21 | 4.3 Medium |
| Fix of CVE-2021-40525 do not prepend delimiters upon valid directory validations. Affected implementations include: - maildir mailbox store - Sieve file repository This enables a user to access other users data stores (limited to user names being prefixed by the value of the username being used). | ||||