[SECURITY] Fedora 44 Update: qt6-qtdatavis3d-6.10.3-1.fc44

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...

[SECURITY] Fedora 44 Update: LabPlot-2.12.1-17.fc44

LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...

EUVD-2026-23291

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query string...

EUVD-2026-23284

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied sort value to the...

CVE-2026-32137

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, The table parameter for /de2api/datasource/previewData is directly concatenated into the SQL statement without any filtering or parameterization. Since tableName is a user-controllable string, attackers can inject...

Apache Superset Security Bypass Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset, which can be exploited by an attacker to execute sensitive SQL functions...

Data Visualization MCP Server 代码注入漏洞

The Data Visualization MCP Server is a context-based protocol server developed by Isaac Wasserman, designed for data visualization purposes. The Data Visualization MCP Server has a code injection vulnerability, which stems from incorrect handling of the vegalitespecification parameter, potentiall...

CVE-2021-41192

Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the REDASHCOOKIESECRET or REDASHSECRETKEY environment variables, a default value is used for both that is the same across all installations. In such cases, th...

[SECURITY] Fedora 43 Update: duc-1.4.6-1.fc43

Duc is a collection of tools for indexing, inspecting and visualizing disk usage. Duc maintains a database of accumulated sizes of directories of the file system, and allows you to query this database with some tools, or create fancy graphs showing you where your bytes are...

[SECURITY] Fedora 42 Update: qt5-qtdatavis3d-5.15.18-1.fc42

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...

CVE-2025-64163

DataEase is an open source data visualization analysis tool. In versions 2.10.14 and below, the vendor added a blacklist to filter ldap:// and ldaps://. However, omission of protection for the dns:// protocol results in an SSRF vulnerability. This issue is fixed in version 2.10.15...

[SECURITY] Fedora 42 Update: qt6-qtdatavis3d-6.9.3-1.fc42

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...

[SECURITY] Fedora 42 Update: LabPlot-2.12.1-11.fc42

LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...

CVE-2025-62422

DataEase is an open source data visualization and analytics platform. In versions 2.10.13 and earlier, the /de2api/datasetData/tableField interface is vulnerable to SQL injection. An attacker can construct a malicious tableName parameter to execute arbitrary SQL commands. This issue is fixed in...

DataEase H2 JDBC Injection Code Execution Vulnerability

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase H2.java handles JDBC connection validation with a code injection...

CVE-2025-62422 DataEase SQL injection vulnerability

DataEase is an open source data visualization and analytics platform. In versions 2.10.13 and earlier, the /de2api/datasetData/tableField interface is vulnerable to SQL injection. An attacker can construct a malicious tableName parameter to execute arbitrary SQL commands. This issue is fixed in...

DataEase 代码问题漏洞

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase H2.java handles JDBC connection validation with a code injection...

EUVD-2018-14689

Malware in sbrugna...

EUVD-2023-39172

Malicious code in bioql PyPI...

EUVD-2022-41825

Malicious code in bioql PyPI...