Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hadoop vulnerabilities and exploits
(subscribe to this query)
8.4
CVSSv3
CVE-2015-7430
The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 prior to 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors.
Apache Hadoop 2.5.0
Apache Hadoop 1.1.1
Apache Hadoop 2.7.0
Apache Hadoop 2.4.0
NA
CVE-2015-1889
The Big SQL component in IBM InfoSphere BigInsights 3.0 up to and including 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statement referencing the data of an arbitrary user or (2) an import of a c...
Ibm Infosphere Biginsights 3.0.0.0
Ibm Infosphere Biginsights 3.0.0.1
Ibm Infosphere Biginsights 3.0.0.2
NA
CVE-2014-8733
Cloudera Manager 5.2.0, 5.2.1, and 5.3.0 stores the LDAP bind password in plaintext in unspecified world-readable files under /etc/hadoop, which allows local users to obtain this password.
Cloudera Cloudera Manager 5.2.1
Cloudera Cloudera Manager 5.3.0
Cloudera Cloudera Manager 5.2.0
NA
CVE-2014-3627
The YARN NodeManager daemon in Apache Hadoop 0.23.0 up to and including 0.23.11 and 2.x prior to 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which...
Apache Hadoop 2.0.4
Apache Hadoop 0.23.9
Apache Hadoop 0.23.3
Apache Hadoop 2.0.3
Apache Hadoop 2.0.6
Apache Hadoop 2.1.0
Apache Hadoop 2.5.1
Apache Hadoop 2.0.5
Apache Hadoop 2.2.0
Apache Hadoop 0.23.6
Apache Hadoop 2.5.0
Apache Hadoop 2.1.1
Apache Hadoop 2.0.0
Apache Hadoop 0.23.0
Apache Hadoop 0.23.4
Apache Hadoop 2.4.0
Apache Hadoop 0.23.5
Apache Hadoop 2.4.1
Apache Hadoop 0.23.10
Apache Hadoop 2.0.2
Apache Hadoop 0.23.8
Apache Hadoop 2.3.0
NA
CVE-2012-3376
DataNodes in Apache Hadoop 2.0.0 alpha does not check the BlockTokens of clients when Kerberos is enabled and the DataNode has checked out the same BlockPool twice from a NodeName, which might allow remote clients to read arbitrary blocks, write to blocks to which they only have ...
Apache Hadoop 2.0.0
NA
CVE-2012-1574
The Kerberos/MapReduce security functionality in Apache Hadoop 0.20.203.0 up to and including 0.20.205.0, 0.23.x prior to 0.23.2, and 1.0.x prior to 1.0.2, as used in Cloudera CDH CDH3u0 through CDH3u2, Cloudera hadoop-0.20-sbin prior to 0.20.2+923.197, and other products, allows...
Apache Hadoop 0.20.203.0
Apache Hadoop 0.20.204.0
Apache Hadoop 0.20.205.0
Apache Hadoop 0.23.1
Apache Hadoop 1.0.0
Apache Hadoop 0.23.0
Apache Hadoop 1.0.1
Cloudera Hadoop 0.20.1\\+169
Cloudera Hadoop 0.20.2\\+923
Cloudera Cloudera Cdh Cdh3
Cloudera Hadoop 0.20-sbin
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22460
CVE-2024-4646
CVE-2024-29212
IMAP
CVE-2023-36672
CVE-2024-34547
command injection
CVE-2024-4651
stored XSS
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6