Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zookeeper vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-15024
In all versions of ClickHouse prior to 19.14.3, an attacker having write access to ZooKeeper and who is able to run a custom server available from the network where ClickHouse runs, can create a custom-built malicious server that will act as a ClickHouse replica and register it i...
Yandex Clickhouse
6.4
CVSSv2
CVE-2019-4244
IBM SmartCloud Analytics 1.3.1 up to and including 1.3.5 could allow a remote malicious user to gain unauthorized information and unrestricted control over Zookeeper installations due to missing authentication. IBM X-Force ID: 159518.
Ibm Smartcloud Analytics Log Analysis
6.4
CVSSv2
CVE-2017-6711
A vulnerability in the Ultra Automation Service (UAS) of the Cisco Ultra Services Framework could allow an unauthenticated, remote malicious user to gain unauthorized access to a targeted device. The vulnerability is due to an insecure default configuration of the Apache ZooKeepe...
Cisco Ultra Services Framework
7.5
CVSSv2
CVE-2015-1836
Apache HBase 0.98 prior to 0.98.12.1, 1.0 prior to 1.0.1.1, and 1.1 prior to 1.1.0.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, uses incorrect ACLs for ZooKeeper coordination state, which allows remote malicious users to cause a denial of...
Ibm Infosphere Biginsights 3.0.0.2
Ibm Infosphere Biginsights 3.0.0.0
Ibm Infosphere Biginsights 3.0.0.1
Apache Hbase 0.98.1
Apache Hbase 0.98.9
Apache Hbase 0.98.2
Apache Hbase 0.98.4
Apache Hbase 0.98.11
Apache Hbase 0.98.3
Apache Hbase 0.98.8
Apache Hbase 0.98.10
Apache Hbase 0.98.7
Apache Hbase 0.98.6.1
Apache Hbase 0.98.5
Apache Hbase 0.98.12
Apache Hbase 0.98.10.1
Apache Hbase 0.98.6
Apache Hbase 0.98.0
10
CVSSv2
CVE-2019-5029
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web UI versions 1.0.9 to 1.7.1. Arbitrary shell commands surrounded by backticks or $() can be inserted into the editor and will be executed by the Exhibitor process when it launches ZooKe...
Exhibitor Project Exhibitor
1 Github repository
3.5
CVSSv2
CVE-2022-1816
A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input <script>alert(1...
Phpgurukul Zoo Management System 1.0
5
CVSSv2
CVE-2019-11579
dhcp.c in dhcpcd prior to 7.2.1 contains a 1-byte read overflow with DHO_OPTSOVERLOADED.
Dhcpcd Project Dhcpcd
Debian Debian Linux 8.0
6.5
CVSSv2
CVE-2021-36162
Apache Dubbo supports various rules to support configuration override or traffic routing (called routing in Dubbo). These rules are loaded into the configuration center (eg: Zookeeper, Nacos, ...) and retrieved by the customers when making a request in order to find the right end...
Apache Dubbo
1 Github repository
2.1
CVSSv2
CVE-2018-8010
This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar w...
Apache Solr
NA
CVE-2024-27309
While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL con...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2