241 matches found
EUVD-2023-57910
Malicious code in bioql PyPI...
EUVD-2024-37279
Malicious code in bioql PyPI...
EUVD-2023-44175
Malicious code in bioql PyPI...
CVE-2025-7426
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...
CVE-2025-7426 MINOVA TTA Information Disclosure and Credential Exposure
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in the MINOVA TTA service. This allows unauthenticated remote access to an active FTP account containing sensitive internal data and import structures. In environments where this FTP server is part of...
The vulnerability of the PI Connector for CygNet software in data integration lies in the insufficient protection of the website structure, which allows attackers to carry out XSS attacks.
The vulnerability of the PI Connector for CygNet data integration software is related to insufficient protection of the website structure. Exploiting this vulnerability could allow an attacker to carry out XSS attacks...
The vulnerability of the IBM InfoSphere Information Server software platform’s data integration module lies in the incorrect limitation of the path name for the restricted access catalog, allowing attackers to read arbitrary files.
The vulnerability of the IBM InfoSphere Information Server software integration platform is related to incorrect restrictions on the path name to the restricted-access catalog. Exploiting this vulnerability allows a malicious actor to remotely read arbitrary files by sending a specially crafted...
IBM InfoSphere Information Server SQL注入漏洞
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An SQL injection vulnerability exists in IBM InfoSphere Information Server version 11.7 that ste...
Apache InLong Deserialization Vulnerability (CNVD-2025-15707)
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions prior to 1.13.0 to 2.1.0. The vulnerability stems from unsafe...
Apache InLong Deserialization Vulnerability (CNVD-2025-12411)
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong versions 1.13.0 to 2.1.0 has a deserialization vulnerability , the vulnerability stems from the application in the...
Apache InLong Security Bypass Vulnerability (CNVD-2026-00041)
Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. Apache InLong suffers from a security bypass vulnerability, which is caused by an insecure deserialization flaw. An attacker exploi...
Redash 安全漏洞
Redash is a suite of data integration and analysis solutions from Redash Israel. The product supports data integration, data visualization, query editing and data sharing. A security vulnerability exists in Redash 10.1.0 and 25.1.0 and earlier versions, which stems from a sandboxing issue with th...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2025-12569)
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...
The vulnerability of the Apache InLong data integration platform, related to shortcomings in the deserialization mechanism, allows attackers to circumvent existing security restrictions and gain access to read arbitrary files.
The vulnerability of the Apache InLong data integration platform is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and gain access to read arbitrary files...
CVE-2023-5617
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.1.0.0 and 9.3.0.6, including 9.5.x and 8.3.x, display the version of Tomcat when a server error is encountered...
IBM Infosphere Information Server Information Disclosure Vulnerability (CNVD-2025-12591)
Infosphere Information Server is an enterprise-class software for data integration and data quality from IBM. A security vulnerability exists in Infosphere Information Server version 11.7. An attacker could exploit the vulnerability to obtain sensitive information...
CVE-2025-24907
Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' doubled triple dot slash sequences that can resolve to a location that is outside of that directory. CWE-35 Description Hitachi Vantara...
CVE-2025-24908
Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' doubled triple dot slash sequences that can resolve to a location that is outside of that directory. CWE-35 Description Hitachi...
CVE-2025-0756
Overview The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Description Hitachi Vantara Pentaho Data Integration &...
CVE-2025-24907 Hitachi Vantara Pentaho Data Integration & Analytics – Path Traversal
Overview The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' doubled triple dot slash sequences that can resolve to a location that is outside of that directory. CWE-35 Description Hitachi...