Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
spark vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2018-8024
In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute...
Apache Spark
Apache Spark 2.3.0
Mozilla Firefox -
5
CVSSv2
CVE-2018-9159
In Spark prior to 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.
Sparkjava Spark
5
CVSSv2
CVE-2017-12310
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote malicious user to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct addition...
Cisco Spark Hybrid Calendar Service
6.5
CVSSv2
CVE-2018-0119
A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote malicious user to interact with and view information on an affected device that would normally be prohibited. The vulnerability is due to the improper di...
Cisco Conference Director 2017-08-30
2.1
CVSSv2
CVE-2017-12306
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local malicious user to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation. An attacker could explo...
Cisco Conference Director 2017-08-15
2.9
CVSSv2
CVE-2017-13079
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.2
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Opensuse Leap 42.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.3
W1.fi Hostapd 0.6.10
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.4.11
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.2.8
2 Articles
2.9
CVSSv2
CVE-2017-13081
Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.
Debian Debian Linux 8.0
Freebsd Freebsd 11
Redhat Enterprise Linux Server 7
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd 10.4
Canonical Ubuntu Linux 17.04
Opensuse Leap 42.2
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Freebsd Freebsd 11.1
Freebsd Freebsd 10
Freebsd Freebsd
Opensuse Leap 42.3
W1.fi Hostapd 2.4
W1.fi Hostapd 2.3
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.2.8
W1.fi Hostapd 0.2.6
2 Articles
5.4
CVSSv2
CVE-2017-13084
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
Freebsd Freebsd 11
Freebsd Freebsd 11.1
Redhat Enterprise Linux Desktop 7
Freebsd Freebsd
Canonical Ubuntu Linux 17.04
Canonical Ubuntu Linux 16.04
Freebsd Freebsd 10
Freebsd Freebsd 10.4
Opensuse Leap 42.3
Opensuse Leap 42.2
Debian Debian Linux 9.0
Debian Debian Linux 8.0
Canonical Ubuntu Linux 14.04
Redhat Enterprise Linux Server 7
W1.fi Hostapd 2.3
W1.fi Hostapd 2.2
W1.fi Hostapd 0.6.9
W1.fi Hostapd 0.6.8
W1.fi Hostapd 0.4.10
W1.fi Hostapd 0.4.9
W1.fi Hostapd 0.4.8
W1.fi Hostapd 0.2.6
1 Article
3.5
CVSSv2
CVE-2017-12269
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote malicious user to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web UI of the affected software. An attacker...
Cisco Spark -
7.2
CVSSv2
CVE-2017-12612
In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user a...
Apache Spark 2.0.2
Apache Spark 2.1.1
Apache Spark 1.6.1
Apache Spark 1.6.2
Apache Spark 1.6.3
Apache Spark 2.0.0
Apache Spark 1.6.0
Apache Spark 2.0.1
Apache Spark 2.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »