1047 matches found
EUVD-2025-44039
A SQL injection vulnerability was found in Looker Studio. A Looker Studio user with report view access could inject malicious SQL that would execute with the report owner's permissions. The vulnerability affected to reports with BigQuery as the data source. This vulnerability was patched on 21 Ju...
PT-2025-46208
Name of the Vulnerable Software and Affected Versions Bugsink versions prior to 2.0.6 Description Bugsink is a self-hosted error tracking tool. A specially crafted Brotli-compressed envelope can cause Bugsink to expend excessive CPU time during decompression, resulting in a denial of service. Thi...
PT-2025-46207
Name of the Vulnerable Software and Affected Versions Bugsink versions prior to 2.0.5 Description Bugsink is a self-hosted error tracking tool susceptible to a Denial of Service. Specifically, specially crafted brotli compressed data streams, known as “bombs” highly compressed brotli streams...
Exploit for Authentication Bypass by Spoofing in Dataease
fofa语法:title="DataEase" poc: "POST /de2api/datasource/validate...
CVE-2025-62419
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
CVE-2025-62419
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
CVE-2025-62419
DataEase (DataEase platform) prior to v2.10.14 contains a JDBC URL injection in the DB2 data source handler: when extraParams is empty, HOSTNAME, PORT, and DATABASE are concatenated into the JDBC URL without filtering, allowing an attacker to inject a malicious JDBC string via HOSTNAME to bypass ...
CVE-2025-62419 DataEase vulnerable to JDBC URL injection in DB2 and MongoDB data source configuration
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
EUVD-2025-34919
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
CVE-2025-62419 DataEase vulnerable to JDBC URL injection in DB2 and MongoDB data source configuration
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
EUVD-2019-4852
Malware in sbrugna...
EUVD-2020-28497
Malware in sbrugna...
EUVD-2017-6418
Malware in sbrugna...
EUVD-2020-28490
Malware in sbrugna...
EUVD-2009-0612
Malware in sbrugna...
EUVD-2020-5013
Malware in sbrugna...
EUVD-2020-27352
Malware in sbrugna...
EUVD-2021-2328
Malware in sbrugna...
EUVD-2007-0409
Malware in sbrugna...
EUVD-2021-14680
Malware in sbrugna...