114 matches found
Exploit for CVE-2026-33324
CVE-2026-33324 Overview SQLBot, a sophisticated Text-to-S...
DataEase 安全漏洞
DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in operations. DataEase versions 2.10.20 and earlier contain security vulnerabilities...
DataEase 安全漏洞
DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in their businesses. DataEase versions 2.10.20 and earlier contain security...
CVE-2026-32140
Dataease (open source data visualization tool) Before version 2.10.20 is vulnerable via the Redshift JDBC driver where the IniFile parameter can be exploited to load an attacker-controlled configuration file. The getJdbcIniFile discovery mechanism can, if not restricted, locate rsjdbc.ini and, in...
CVE-2026-32139 Dataease: Unfiltered active SVG content leads to Stored XSS
Dataease is an open source data visualization analysis tool. In DataEase 2.10.19 and earlier, the static resource upload interface allows SVG uploads. However, backend validation only checks whether the XML is parseable and whether the root node is svg. It does not sanitize active content such as...
DataEase SQL注入漏洞
DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in operations. Versions of DataEase prior to 2.10.20 contained a SQL injection...
DataEase 代码问题漏洞
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insights into business trends for business improvement and optimization. A code issue vulnerability exists in DataEase 2.10.14 and prior versions that...
DataEase 代码问题漏洞
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A code issue vulnerability exists in DataEase version 2.10.14 and versions prio...
CVE-2025-62420
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC driver bypass vulnerability exists in the H2 database connection handler. The getJdbc function in H2.java checks if the jdbcUrl starts with jdbc:h2 but returns a separate jdbc field as the actual...
EUVD-2025-16761
Malicious code in bioql PyPI...
EUVD-2022-6235
Malicious code in bioql PyPI...
EUVD-2024-42262
Malicious code in bioql PyPI...
EUVD-2023-29701
Malicious code in bioql PyPI...
EUVD-2024-52860
Malicious code in bioql PyPI...
EUVD-2025-25711
Malicious code in bioql PyPI...
EUVD-2024-53716
Malicious code in bioql PyPI...
EUVD-2025-19595
Malicious code in bioql PyPI...
EUVD-2023-38093
Malicious code in bioql PyPI...
EUVD-2023-39173
Malicious code in bioql PyPI...
CVE-2025-58046
Dataease is an open-source data visualization and analysis platform. In versions up to and including 2.10.12, the Impala data source is vulnerable to remote code execution due to insufficient filtering in the getJdbc method of the io.dataease.datasource.type.Impala class. Attackers can construct...