7661 matches found
Malicious Package
Overview vue-analytics-plugin is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Oracle Business Intelligence Enterprise Edition (OAS 8.2) (October 2025 CPU)
The version of Oracle Business Intelligence Enterprise Edition OAS 8.2.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics...
Vulnerabilities fixed in Oracle Analytics
Oracle has fixed several vulnerabilities in Oracle Analytics products. The vulnerabilities can compromise confidentiality, integrity and availability, with a maximum impact score of "HIGH. Attackers can exploit these vulnerabilities to gain unauthorized access or conduct denial-of-service DoS...
Vulnerabilities fixed in Zohocorp's ManageEngine
Zohocorp has fixed vulnerabilities in ManageEngine Specifically for ADManager Plus, EndPoint Central and Analytics Plus. The vulnerabilities include an authenticated command injection in ADManager Plus, XML injections in EndPoint Central, and an authenticated SQL injection in Analytics Plus. Thes...
CVE-2025-53046
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Analytics. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...
CVE-2025-53049
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Administration. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2025-60427
LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...
ZOHO ManageEngine Analytics Plus SQL Injection Vulnerability (CNVD-2025-29927)
ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. ZOHO ManageEngine Analytics Plus SQL Injection Vulnerability, the vulnerability is due to insufficient input validation. An attacker can...
com.liferay.content-targeting:com.liferay.content.targeting.analytics.api (>=2.0.1 <=3.0.0), com.liferay.content-targeting:com.liferay.content.targeting.anonymous.users.api (>=2.0.1 <=2.0.2) +316 more potentially affected by CVE-2025-62249 via com.liferay.portal:com.liferay.portal.impl (>=114.1.0 <=62.0.1)
com.liferay.portal:com.liferay.portal.impl MAVEN version =114.1.0, =2.0.1, =2.0.1, =3.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =2.0.20, =1.0.0, =1.0.0, =2.0.13 and more Source cves: CVE-2025-62249 Source a...
CVE-2025-53049
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Administration. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...
CVE-2025-53046
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Analytics. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...
CVE-2025-53046
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Analytics. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...
EUVD-2025-35285
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Administration. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...
EUVD-2025-35288
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Analytics. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...
CVE-2025-60427
LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...
CVE-2025-60427
LibreTime 3.0.0-alpha.10 and possibly earlier is vulnerable to Broken Access Control, where a user with the DJ role can access analytics data via the Web UI and direct API calls. The backend does not verify role-based permissions for analytics endpoints, allowing unauthorized retrieval of...
CVE-2025-9428
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-9428
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...
CVE-2025-9428 SQL Injection
Zohocorp ManageEngine Analytics Plus versions 6171 and prior are vulnerable to authenticated SQL Injection via the key update api...