Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...
Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the...
7.8CVSS
7.8AI Score
0.001EPSS
Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider. When the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks...
8.8CVSS
8.6AI Score
0.001EPSS
Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not...
7.5CVSS
7.2AI Score
0.001EPSS
** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in...
In Apache Spark versions prior to 3.4.0, applications using spark-submit can specify a 'proxy-user' to run as, limiting privileges. The application can execute code with the privileges of the submitting user, however, by providing malicious configuration-related classes on the classpath. This...
9.9CVSS
9.4AI Score
0.001EPSS
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider.This issue affects Apache Airflow Spark Provider: before...
7.5CVSS
7.5AI Score
0.001EPSS
DJI Spark 01.00.0900 allows remote attackers to prevent legitimate terminal connections by exhausting the DHCP IP address pool. To accomplish this, the attacker would first need to connect to the device's internal Wi-Fi network (e.g., by guessing the password). Then, the attacker would need to...
9.1CVSS
5.7AI Score
0.003EPSS
A missing permission check in Jenkins Cisco Spark Notifier Plugin 1.1.1 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in...
4.3CVSS
4.4AI Score
0.001EPSS
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbtrary files in the task execution context, without write access to DAG files. This issue affects Spark Provider...
5.5CVSS
5.4AI Score
0.001EPSS
A stored cross-site scripting (XSS) vulnerability in Apache Spark 3.2.1 and earlier, and 3.3.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the logs which would be returned in logs rendered in the...
5.4CVSS
5.4AI Score
0.001EPSS
Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript...
7.2AI Score
0.02EPSS
The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to.....
Jenkins Cisco Spark Plugin 1.1.1 and earlier stores bearer tokens unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file...
4.3CVSS
4.8AI Score
0.001EPSS
Apache Spark supports end-to-end encryption of RPC connections via "spark.authenticate" and "spark.network.crypto.enabled". In versions 3.1.2 and earlier, it uses a bespoke mutual authentication protocol that allows for full encryption key recovery. After an initial interactive attack, this would.....
7.5CVSS
7.7AI Score
0.001EPSS
Firely/Incendi Spark before 1.5.5-r4 lacks Content-Disposition headers in certain situations, which may cause crafted files to be delivered to clients such that they are rendered directly in a victim's web...
6.1CVSS
6.1AI Score
0.001EPSS
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) parameters, the server may enter a denial of service (DoS) state due to high CPU usage processing those...
5.3CVSS
5.2AI Score
0.028EPSS
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that...
4.8CVSS
5.1AI Score
0.012EPSS
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even....
9.8CVSS
9.4AI Score
0.03EPSS
An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request.....
8.8CVSS
8.5AI Score
0.002EPSS
The Spark application through 2.0.2 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE...
6.1CVSS
5.9AI Score
0.001EPSS
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding...
9.1CVSS
8.9AI Score
0.002EPSS
A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but in different...
7.5CVSS
8.6AI Score
0.002EPSS
The Tecno Spark Pro Android device with a build fingerprint of TECNO/H3722/TECNO-K8:7.0/NRD90M/K8-H3722ABCDE-N-171229V96:user/release-keys contains a pre-installed app with a package name of com.lovelyfont.defcontainer app (versionCode=7, versionName=7.0.5) that allows unauthorized dynamic code...
7.8CVSS
7.3AI Score
0.0004EPSS
Prior to Spark 2.3.3, in certain situations Spark would write user data to local disk unencrypted, even if spark.io.encryption.enabled=true. This includes cached blocks that are fetched to disk (controlled by spark.maxRemoteBlockSizeFetchToMem); in SparkR, using parallelize; in Pyspark, using...
7.5CVSS
7.3AI Score
0.001EPSS
When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to...
5.5CVSS
5.5AI Score
0.0004EPSS
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, the ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971/peony:7.1.1/NMF26V/20171129.143111:user/release-keys, the ZTE ZMAX Pro Android device with a build....
4.7CVSS
4.4AI Score
0.0005EPSS
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute...
9.8CVSS
8.7AI Score
0.015EPSS
Untrusted search path vulnerability in Baidu Browser Version 43.23.1000.500 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified...
7.8CVSS
7.7AI Score
0.001EPSS
Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts by default. A...
7.5CVSS
7.3AI Score
0.003EPSS
From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secret for authenticating requests to submit jobs via....
4.2CVSS
4.3AI Score
0.97EPSS
In Apache Spark 2.1.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it's possible for a malicious user to construct a URL pointing to a Spark cluster's UI's job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the.....
5.4CVSS
5.3AI Score
0.0005EPSS
In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark...
4.7CVSS
4.7AI Score
0.0004EPSS
In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime...
5.3CVSS
5.1AI Score
0.006EPSS
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct additional reconnaissance...
7.5CVSS
7.3AI Score
0.002EPSS
A vulnerability in certain authentication controls in the account services of Cisco Spark could allow an authenticated, remote attacker to interact with and view information on an affected device that would normally be prohibited. The vulnerability is due to the improper display of user-account...
4.7CVSS
4.5AI Score
0.001EPSS
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka Signature Verification Bypass. The vulnerability is due to insufficient upgrade package validation. An attacker could exploit this vulnerability by....
4.4CVSS
4.6AI Score
0.0004EPSS
A vulnerability in the web UI of Cisco Spark Messaging Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web UI of the affected software. An attacker could exploit this...
5.4CVSS
5.2AI Score
0.001EPSS
In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. This makes applications launched programmatically using the launcher API potentially vulnerable to arbitrary code execution by an attacker with access to any user account on the...
7.8CVSS
7.9AI Score
0.0004EPSS
In Apache Spark before 2.2.0, it is possible for an attacker to take advantage of a user's trust in the server to trick them into visiting a link that points to a shared Spark cluster and submits data including MHTML to the Spark master, or history server. This data, which could contain a script,.....
6.1CVSS
6.2AI Score
0.001EPSS
Directory traversal vulnerability in Spark 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the...
7.5CVSS
7.5AI Score
0.003EPSS
The REST interface in Cisco Spark 2015-06 allows remote attackers to cause a denial of service (resource outage) by accessing an administrative page, aka Bug ID...
5.3CVSS
5.3AI Score
0.002EPSS
The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive information via a request for an unspecified file, aka Bug ID...
4.3CVSS
4.1AI Score
0.001EPSS
The REST interface in Cisco Spark 2015-07-04 allows remote attackers to bypass intended access restrictions and create arbitrary user accounts via unspecified web requests, aka Bug ID...
7.5CVSS
7.5AI Score
0.002EPSS
The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate, aka Bug IDs CSCut36742 and...
6.1AI Score
0.001EPSS
The Capital One Spark Pay (aka com.capitalone.sparkpay) application 0.9.81 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted...
6AI Score
0.0005EPSS