Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-33891 KEV |
|
[KEV] OS Command Injection in Apache pyspark (CVE-2022-33891)
OS command injection in Apache pyspark (CVE-2022-33891). Successful exploitation can lead to full system takeover. Exploitable via ``spark.acls.enable``. Listed in CISA KEV — actively exploited. Mitigation: upgrade to `3.2.2` or later.
|
| CVE-2017-12269 |
|
Cross-Site Scripting (XSS) in cisco (CVE-2017-12269)
cross-site scripting in cisco (CVE-2017-12269). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12612 |
|
Unsafe Deserialization in apache (CVE-2017-12612)
vulnerability in apache (CVE-2017-12612). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7678 |
|
Cross-Site Scripting (XSS) in apache (CVE-2017-7678)
cross-site scripting in apache (CVE-2017-7678). Risk of unauthorized operations or information disclosure.
|