Lucene search
K

6 matches found

Circl
Circl
added 2025/03/13 7:48 p.m.7 views

CVE-2025-27103

creationtimestamp| type| source ---|---|--- 2025-03-13 19:48:26+00:00| seen| https://t.me/cvedetector/20246...

8.6CVSS5.3AI score0.00424EPSS
Exploits1References1
NVD
NVD
added 2025/03/13 5:15 p.m.16 views

CVE-2025-27103

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. ...

8.6CVSS0.00424EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/13 4:44 p.m.9 views

CVE-2025-27103 Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability​

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. ...

8.6CVSS6.3AI score0.00424EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/13 4:44 p.m.34 views

CVE-2025-27103 Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability​

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. ...

8.6CVSS0.00424EPSS
Exploits1References1
CVE
CVE
added 2025/03/13 4:44 p.m.73 views

CVE-2025-27103

Summary (CVE-2025-27103) DataEase (open source BI tool) prior to v2.10.6 is affected by a bypass of the patch for CVE-2024-55953 that allows authenticated users to read and deserialize arbitrary files via the background JDBC connection. The issue arises from the unfiltered JDBC connection string ...

8.6CVSS6.3AI score0.00424EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/03/13 4:44 p.m.15 views

CVE-2025-27103 Dataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read Vulnerability​

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. ...

8.6CVSS6.5AI score0.00424EPSS
Exploits1References3
Rows per page
Query Builder