| CVE-2016-0735 |
high |
8.8 |
8.8 |
10y ago |
Apache Ranger Access Restriction Bypass |
|
| CVE-2016-2174 |
high |
7.2 |
7.2 |
10y ago |
SQL injection vulnerability in the policy admin tool in Apache Ranger |
|
| CVE-2015-0266 |
high |
7.1 |
7.1 |
10y ago |
Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs |
|
| CVE-2016-6815 |
medium |
6.5 |
6.5 |
9y ago |
Moderate severity vulnerability that affects org.apache.ranger:ranger |
|
| CVE-2015-5167 |
medium |
6.5 |
6.5 |
10y ago |
Apache Ranger allows users to bypass intended access restrictions via the REST API |
|
| CVE-2015-0265 |
medium |
6.1 |
6.1 |
10y ago |
Apache Ranger Cross-site Scripting vulnerability |
|
| CVE-2017-7677 |
medium |
5.9 |
5.9 |
9y ago |
Moderate severity vulnerability that affects org.apache.ranger:ranger |
|
| CVE-2016-8751 |
medium |
4.8 |
4.8 |
9y ago |
Apache Ranger admin users can store some arbitrary javascript code to be executed when normal users login and access policies |
|
| CVE-2016-5395 |
medium |
4.8 |
4.8 |
10y ago |
Apache Ranger allows remote authenticated administrators to inject arbitrary web script or HTML |
|
| CVE-2024-45479 |
unknown |
— |
— |
1y ago |
Apache Ranger UI vulnerable to Server Side Request Forgery |
|
| CVE-2024-45478 |
unknown |
— |
— |
1y ago |
Apache Ranger has Stored Cross-site Scripting vulnerability in Edit Service Page |
|
| CVE-2022-45048 |
unknown |
— |
— |
3y ago |
Apache Ranger code execution vulnerability in policy expressions |
|
| CVE-2019-12397 |
unknown |
— |
— |
7y ago |
Cross-site scripting in Apache Ranger |
|
| CVE-2018-11778 |
unknown |
— |
— |
8y ago |
UnixAuthenticationService in Apache Ranger was updated to correctly handle user input to avoid Stack-based buffer overflow |
|