Where
-Infinity
0

Trending

Last week
Last month
Last year

Apache AmbariApache Ambari: Remote Code Injection in Ambari Metrics and AMS Alerts

Risk 83
Severity
8.8
First published (updated )
CVE-2024-51941

Apache AmbariApache Ambari: Code Injection Vulnerability in Ambari Alert Definition

Risk 58
Severity
8.8
EPSS
0.04%
First published (updated )
CVE-2025-23196

Apache AmbariApache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie

Risk 32
Severity
7.5
EPSS
0.04%
First published (updated )
CVE-2025-23195

CVE-2024-51941: Apache Ambari: mote Code Injection in Ambari Metrics and AMS Alerts

First published (updated )
https://seclists.org/oss-sec/2025/q1/43

CVE-2025-23196: Apache Ambari: Code Injection Vulnerability in Ambari Alert Definition

First published (updated )
https://seclists.org/oss-sec/2025/q1/42
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

CVE-2025-23195: Apache Ambari: XML External Entity (XXE) Vulnerability in Ambari/Oozie

First published (updated )
https://seclists.org/oss-sec/2025/q1/41

CVE-2023-50378: Apache Ambari: Various XSS problems

First published (updated )
https://seclists.org/oss-sec/2024/q1/184

maven/org.apache.ambari:ambariApache Ambari: Various XSS problems

Risk 40
Severity
6.1
First published (updated )
CVE-2023-50378

maven/org.apache.ambari.contrib.views:wfmanagerApache Ambari: authenticated users could perform XXE to read arbitrary files on the server

Risk 40
Severity
6.5
First published (updated )
CVE-2023-50380

CVE-2023-50380: Apache Ambari: authenticated users could perform XXE to read arbitrary files on the server

First published (updated )
https://seclists.org/oss-sec/2024/q1/167
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.apache.ambari.contrib.views:ambari-contrib-viewsApache Ambari: authenticated users could perform command injection to perform RCE

Risk 84
Severity
8.8
First published (updated )
CVE-2023-50379

CVE-2023-50379: Apache Ambari: authenticated users could perform command injection to perform RCE

First published (updated )
https://seclists.org/oss-sec/2024/q1/162

Apache AmbariApache Ambari: Allows authenticated metrics consumers to perform RCE

Risk 80
Severity
8.8
First published (updated )
CVE-2022-45855

Apache AmbariApache Ambari: A malicious authenticated user can remotely execute arbitrary code in the context of the application.

Risk 81
Severity
8.8
First published (updated )
CVE-2022-42009

Apache AmbariPath Traversal

Risk 43
Severity
7.5
First published (updated )
CVE-2020-13924
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache AmbariStored XSS in Apache Ambari

Risk 38
Severity
6.1
First published (updated )
CVE-2020-1936

Apache AmbariApache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari …

Risk 75
Severity
8.1
First published (updated )
CVE-2018-8042

Apache AmbariPath Traversal

Risk 27
Severity
5.3
First published (updated )
CVE-2018-8003

Apache AmbariInfoleak

Risk 38
Severity
6.5
First published (updated )
CVE-2017-5655

Apache AmbariIn Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be a…

Risk 43
Severity
7.5
First published (updated )
CVE-2017-5654
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache AmbariDuring installation of Ambari 2.4.0 through 2.4.2, Ambari Server artifacts are not created with prop…

Risk 86
Severity
9.8
First published (updated )
CVE-2017-5642

Apache AmbariCode Injection

Risk 86
Severity
9.8
First published (updated )
CVE-2014-3582

Apache AmbariInfoleak

Risk 32
Severity
5.5
First published (updated )
CVE-2016-4976

Apache AmbariCustom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, l…

Risk 87
Severity
9.8
First published (updated )
CVE-2016-6807

Apache AmbariThe File Browser View in Apache Ambari before 2.2.1 allows remote authenticated administrators to re…

Risk 30
Severity
4.9
First published (updated )
CVE-2016-0731
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache AmbariThe agent in Apache Ambari before 2.1.2 uses weak permissions for the (1) /var/lib/ambari-agent/data…

Risk 18
Severity
3.3
First published (updated )
CVE-2016-0707

Apache AmbariInfoleak

Risk 22
Severity
4.3
First published (updated )
CVE-2015-4928

Apache AmbariInfoleak

Risk 13
Severity
2.1
First published (updated )
CVE-2015-4940

Apache AmbariXSS

Risk 18
Severity
3.5
First published (updated )
CVE-2015-3186

Apache AmbariApache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain administr…

Risk 46
Severity
6.5
First published (updated )
CVE-2015-3270
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203