Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Top Critical CVEs

Highest risk vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Discover domains across TLDs

Sign In Sign Up

Apache Software Foundation Apache Zeppelin

Version prior to 0.8.0

OTHER 2 CVEs

Known Vulnerabilities

CVE-2018-1328

Apache Zeppelin prior to 0.8.0 had a stored XSS issue via Note permissions. Issue reported by "Josna Joseph".

UNKNOWN Published Apr 23, 2019

CVE-2018-1317

In Apache Zeppelin prior to 0.8.0 the cron scheduler was enabled by default and could allow users to run paragraphs as other users without authentication.

UNKNOWN Published Apr 23, 2019