CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

241 matches found

CNVD•added 2024/07/02 12:0 a.m.•6 views

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2024-37063)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server that...

5.4CVSS5.8AI score0.00327EPSS

Exploits0References1

CNVD•added 2024/07/02 12:0 a.m.•6 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-37061)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server, which can be...

5.4CVSS5.9AI score0.00261EPSS

Exploits0References1

CNVD•added 2024/07/02 12:0 a.m.•5 views

IBM InfoSphere Information Server Cross-Site Request Forgery Vulnerability (CNVD-2024-30213)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. IBM InfoSphere Information Server suffers from a cross-site request forgery vulnerability that...

8.8CVSS6.3AI score0.00256EPSS

Exploits0References1

Positive Technologies•added 2024/06/06 12:0 a.m.•2 views

PT-2025-7446 · Hitachi Vantara · Pentaho Data Integration & Analytics

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x Description: The product receives input from an upstream component but does not restrict or incorrectly restricts the input before it...

9CVSS8.3AI score0.00642EPSS

Exploits0References7

Vulnrichment•added 2024/05/29 1:0 p.m.•9 views

CVE-2024-5185 Data Poisoning in EmbedAI

The EmbedAI application is susceptible to security issues that enable Data Poisoning attacks. This weakness could result in the application becoming compromised, leading to unauthorized entries or data poisoning attacks, which are delivered by a CSRF vulnerability due to the absence of a secure...

8.3CVSS7.2AI score0.00158EPSS

Exploits0References1

CNVD•added 2024/05/10 12:0 a.m.•7 views

Apache InLong Code Execution Vulnerability (CNVD-2024-22229)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A code execution vulnerability exists in Apache InLong, which can be exploited by an attacker to execute arbitrary code on a system...

9.8CVSS7.8AI score0.01139EPSS

Exploits0References1

BDU FSTEC•added 2024/04/15 12:0 a.m.•2 views

The vulnerability of the software for integrating data and SQL Server Integration Services (SSIS) processes lies in insufficient validation of input data, allowing a hacker to execute arbitrary code.

The vulnerability of the software for integrating data and SQL Server Integration Services SSIS processes is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created file...

7.3CVSS7.8AI score0.00926EPSS

Exploits0References5

CNVD•added 2024/03/26 12:0 a.m.•20 views

IBM InfoSphere Information Server Log Information Disclosure Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A log information disclosure vulnerability exists in IBM InfoSphere Information Server version...

6.5CVSS5.7AI score0.00495EPSS

Exploits0References1

CNVD•added 2024/03/19 12:0 a.m.•4 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-15365)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7 th...

5.4CVSS5.8AI score0.0036EPSS

Exploits0References1

CNVD•added 2024/03/12 12:0 a.m.•26 views

Apache InLong Code Issue Vulnerability (CNVD-2024-16113)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A code issue vulnerability exists in Apache InLong versions 1.8.0 through 1.10.0, which can be exploited by an attacker to read...

9.1CVSS6.9AI score0.0122EPSS

Exploits0References1

CNVD•added 2024/03/06 12:0 a.m.•20 views

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2024-12706)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

6.1CVSS6.3AI score0.00394EPSS

Exploits0References1

NVD•added 2024/02/28 11:15 p.m.•32 views

CVE-2023-5617

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...

5.3CVSS5.3AI score0.00376EPSS

Exploits0References1

Prion•added 2024/02/28 11:15 p.m.•18 views

Design/Logic Flaw

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...

5CVSS7.2AI score0.00376EPSS

Exploits0References1

Vulnrichment•added 2024/02/28 10:30 p.m.•5 views

CVE-2023-5617 Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...

5.3CVSS6.9AI score0.00376EPSS

Exploits0References1

CVE•added 2024/02/28 10:30 p.m.•89 views

CVE-2023-5617

CVE-2023-5617 affects Hitachi Vantara Pentaho Data Integration & Analytics prior to 10.1.0.0 and 9.3.0.6 (including 9.5.x and 8.3.x). The vulnerability is information disclosure: on a server error, the Tomcat version is exposed. Impact is schema for disclosure of Tomcat version; CVSS v3.1 base sc...

5.3CVSS5.3AI score0.00376EPSS

Exploits0References1Affected Software1

Cvelist•added 2024/02/28 10:30 p.m.•38 views

CVE-2023-5617 Hitachi Vantara Pentaho Data Integration & Analytics - Server-generated Error Message Containing Sensitive Information

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...

5.3CVSS5.6AI score0.00376EPSS

Exploits0References1

CNNVD•added 2024/02/28 12:0 a.m.•9 views

Hitachi Vantara Pentaho Data Integration & Analytics Security Breach

Hitachi Vantara Pentaho Data Integration & Analytics is a data integration and analytics system from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.1.0.0 and prior to 9.3.0.6, which stems from displaying th...

5.3CVSS6.7AI score0.00376EPSS

Exploits0References3

Positive Technologies•added 2024/02/28 12:0 a.m.•4 views

PT-2024-2658 · Hitachi Vantara +1 · Hitachi Vantara Pentaho Data Integration & Analytics +1

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x Description: The issue is related to the disclosure of information through a server error message. It may allow a remote...

5.3CVSS6.9AI score0.00376EPSS

Exploits0References8

CNVD•added 2024/01/09 12:0 a.m.•7 views

Apache InLong Code Injection Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A code injection vulnerability exists in Apache InLong versions 1.5.0 through 1.9.0, which stems from the presence of a code...

9.8CVSS7.3AI score0.01723EPSS

Exploits0References1

NVD•added 2023/12/12 11:15 p.m.•15 views

CVE-2023-3517

Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x does not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources...

8.8CVSS0.00642EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by