1047 matches found
PT-2025-34494 · Tableau · Tableau Server
Name of the Vulnerable Software and Affected Versions: Tableau Server versions prior to 2025.1.3 Tableau Server versions prior to 2024.2.12 Tableau Server versions prior to 2023.3.19 Description: An improper input validation issue exists in the tabdoc api - create-data-source-from-file-upload...
Apache Superset Authorization Problem Vulnerability (CNVD-2025-19101)
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an authorization issue vulnerability that stems from improper access control on the /explore endpoint, which could be exploited by an attacker to obtain metadata abou...
Linux Distros Unpatched Vulnerability : CVE-2021-44832
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Log4j2 versions 2.0-beta7 through 2.17.0 excluding security fix releases 2.3.2 and 2.12.4 are vulnerable to a remote code execution RCE attack when a...
CVE-2025-43744
creationtimestamp| type| source ---|---|--- 2025-08-19 20:07:20+00:00| seen| Telegram/dGdIqxnkM3Dmwa9J7VB9fJ9SlV66TINfay2DLp4toYzZjq4...
CVE-2025-9148 CodePhiliaX Chat2DB JDBC Connection DataSourceController.java sql injection
A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects an unknown function of the file ai/chat2db/server/web/api/controller/data/source/DataSourceController.java of the component JDBC Connection Handler. The manipulation results in sql injection. The attack can be executed...
PT-2025-33817 · Unknown · Codephiliax Chat2Db
Name of the Vulnerable Software and Affected Versions: CodePhiliaX Chat2DB versions through 0.3.7 Description: A SQL injection issue exists in the JDBC Connection Handler component of CodePhiliaX Chat2DB. The issue affects an unknown function within the...
Linux Distros Unpatched Vulnerability : CVE-2020-24616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2020-17509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic...
Linux Distros Unpatched Vulnerability : CVE-2020-35490
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2020-36184
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to...
Linux Distros Unpatched Vulnerability : CVE-2020-12395
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory...
Linux Distros Unpatched Vulnerability : CVE-2022-22748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Malicious websites could have confused Firefox into showing the wrong origin when asking to launch a program and handling an external URL protocol. This...
Apache Superset 授权问题漏洞
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an authorization issue vulnerability that stems from improper access control on the /explore endpoint, which could be exploited by an attacker to obtain metadata abou...
JimuReport 代码问题漏洞
JimuReport is a free reporting tool open source by JEECG in China. A code issue vulnerability exists in JimuReport 2.1.1 and earlier versions, which stems from a misbehavior in file /drag/onlDragDataSource/testConnection leading to deserialization...
CVE-2025-2213
creationtimestamp| type| source ---|---|--- 2025-08-13 13:26:34+00:00| seen| MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868...
Path Traversal
bugsink is vulnerable to Path Traversal. The vulnerability is due to constructing file locations directly from untrusted eventid input without validation, which allows an attacker with access to a valid DSN to create or overwrite files in arbitrary locations...
Linux Distros Unpatched Vulnerability : CVE-2023-32209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A maliciously crafted favicon could have led to an out of memory crash. This vulnerability affects Firefox 113. CVE-2023-32209 Note that Nessus relies on the...
CVE-2025-8743
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...
CVE-2025-8743
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...
CVE-2025-8743
A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /datasourceedit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate...