MAL-2026-2148 Malicious code in mattermost-data-warehouse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 50f2483a1650869326d4fddf7bf66bc1dc6e6d614300cf8b41577595ded48165 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in mattermost-data-warehouse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 50f2483a1650869326d4fddf7bf66bc1dc6e6d614300cf8b41577595ded48165 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2022-38733

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component...

EUVD-2017-14699

Malware in sbrugna...

EUVD-2016-0602

Malware in sbrugna...

EUVD-2022-41300

Malicious code in bioql PyPI...

CVE-2023-31131

Greenplum Database GPDB is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this...

Apache Kylin code issue vulnerability (CNVD-2025-10036)

Apache Kylin is the United States Apache Apache Foundation of an open source distributed analytical data warehouse . The product mainly provides Hadoop/Spark on top of the SQL query interface and multidimensional analysis OLAP and other functions. Apache Kylin suffers from a code issue...

Lunary 访问控制错误漏洞

Lunary is Lunary open source a production toolkit for LLM . Lunary suffers from an Access Control Error vulnerability that originates from the POST /api/v1/data-warehouse/bigquery endpoint without proper access control, which can be exploited by an attacker to obtain sensitive information...

Apache Hive Trust Management Issue Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. A trust...

Apache Hive Authorization Issues Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

SAP Business Warehouse Cross-Site Scripting Vulnerability

SAP Business Warehouse is an enterprise-class data warehouse system from SAP, Germany, whose main purpose is to help organizations integrate data from different systems for data analysis and decision making. SAP Business Warehouse suffers from a cross-site scripting vulnerability that stems from...

Apache Hive Code Injection Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. A code...

Apache Kylin Information Disclosure Vulnerability (CNVD-2024-22238)

Apache Kylin is the United States Apache Apache Foundation of an open source distributed analytical data warehouse . The product mainly provides Hadoop/Spark on top of the SQL query interface and multidimensional analysis OLAP and other functions. Apache Kylin suffers from an information disclosu...

File Upload Vulnerability in Yonghong BI of Beijing Yonghong Business Intelligence Technology Co.

Beijing Yonghong Business Intelligence Technology Co., Ltd. is committed to providing global enterprises with big data technology products and services, relying on independent intellectual property rights of the one-stop big data platform to form a perfect product and service system, with...

Path traversal

Greenplum Database GPDB is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this...

CVE-2023-31131

CVE-2023-31131 affects Greenplum Database (GPDB). The vulnerability arises from unsafe tar extraction within GPPKGs in versions prior to 6.22.3, enabling a path traversal that can lead to arbitrary file writes. An attacker could overwrite data or system files, potentially causing crashes or malfu...

Apache Kylin Command Injection Vulnerability

Apache Kylin is an open source distributed analytic data warehouse from the Apache Foundation. The product mainly provides Hadoop/Spark on top of the SQL query interface and multidimensional analysis OLAP and other functions. kylin has a command injection vulnerability, the vulnerability stems fr...

CVE-2022-38733

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component...

CVE-2022-38733

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component...