Lucene search
+L

2847 matches found

cvelist
cvelist
added 2026/06/19 5:13 a.m.35 views

CVE-2025-7737 DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform

DoS Vulnerability in 10G iSCSI Interface of Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E990, E1090, E1090H: before DKCMAIN Ver.93-07-21-80/00-05, CHBiSCSI Ver.88-01-02-04, before DKCMAIN Ver.93-07-01-80/00-07, CHBiSCSI Ver.88-01-02-04, before DKCMAIN...

8.6CVSS0.00268EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.15 views

PT-2026-50833

Name of the Vulnerable Software and Affected Versions Hitachi Virtual Storage Platform E990, E1090, E1090H versions prior to DKCMAIN Ver.93-07-21-80/00-05, CHBiSCSI Ver.88-01-02-04 Hitachi Virtual Storage Platform E390, E590, E790, E390H, E590H, E790H versions prior to DKCMAIN...

8.6CVSS5.9AI score0.00268EPSS
Exploits0References6
nessus
nessus
added 2026/06/17 12:0 a.m.7 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2026-32778)

libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier out-of-memory condition, causing Denial of Service impact. Product is only affected if IEC 61850 functionality is configured. This plugin only works with Tenable.ot. Please visit...

5.5CVSS7.2AI score0.00166EPSS
Exploits0References3
nessus
nessus
added 2026/06/17 12:0 a.m.8 views

Hitachi Energy RTU500 Integer Overflow or Wraparound (CVE-2026-25210)

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation, primarily causing Denial of Service and potentially confidentiality and integrity impact to the product. Product is only...

7.8CVSS7.2AI score0.00193EPSS
Exploits0References3
nessus
nessus
added 2026/06/17 12:0 a.m.10 views

Hitachi Energy RTU500 Infinite Loop (CVE-2026-32777)

libexpat before 2.7.5 allows an infinite loop while parsing DTD content, causing Denial of Service impact. Product is only affected if IEC 61850 functionality is configured. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

5.5CVSS7.2AI score0.00216EPSS
Exploits1References3
nessus
nessus
added 2026/06/17 12:0 a.m.19 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2026-32776)

libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content, causing Denial of Service impact. Product is only affected if IEC 61850 functionality is configured. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-...

5.5CVSS7.2AI score0.00164EPSS
Exploits0References3
nessus
nessus
added 2026/06/17 12:0 a.m.6 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2025-69421)

Processing a malformed PKCS12 file can trigger a NULL pointer dereference in the PKCS12itemdecryptd2iex function. A NULL pointer dereference can trigger a crash which leads to Denial of Service for an application processing PKCS12 files. The PKCS12itemdecryptd2iex function does not check whether...

7.5CVSS7.8AI score0.00844EPSS
Exploits1References3
nessus
nessus
added 2026/06/17 12:0 a.m.6 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2026-24515)

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data, causing Denial of Service impact. Product is only affected if IEC 61850 functionality is configured. This plugin only works with Tenable.ot. Please visit...

2.9CVSS6.7AI score0.0017EPSS
Exploits0References3
nessus
nessus
added 2026/06/17 12:0 a.m.11 views

Hitachi Energy RTU500 NULL Pointer Dereference (CVE-2026-8479)

IEC 60870-5-104 used in bidirectional mode is vulnerable to a NULL pointer dereference; if a specially crafted sequence of messages is sent for a certain time, this causes Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is configured...

6.9CVSS5.3AI score0.0017EPSS
Exploits0References3
nuclei
nuclei
added 2026/06/16 7:13 a.m.102 views

Hitachi Pentaho Business Analytics Server - Remote Code Execution

Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby...

8.8CVSS9.1AI score0.9767EPSS
Exploits6References3
jvn
jvn
added 2026/06/12 2:46 a.m.12 views

Mitigation for iSCSI Port Vulnerability in Hitachi Disk Array Systems

Overview When a large number of malicious packets are received, the iSCSI port may become unresponsive. CVE-2025-7737 Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure an...

8.6CVSS5.4AI score0.00268EPSS
Exploits0References2
jvn
jvn
added 2026/06/10 2:16 a.m.12 views

Vulnerability in Cosminexus HTTP Server and Hitachi Web Server

Overview Vulnerability has been found in Cosminexus HTTP Server and Hitachi Web Server. CVE-2025-65082 This vulnerability will not occur if CGI is not used. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information'...

6.5CVSS6.7AI score0.00771EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/05 7:42 p.m.12 views

CVE-2025-2514

Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One...

5.3CVSS5.5AI score0.003EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.25 views

CVE-2025-1978

Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual...

9.8CVSS5.6AI score0.00547EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.10 views

CVE-2025-9661

OS command injection vulneravility in the management gui maintenance utility of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00...

9.8CVSS5.5AI score0.009EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:41 p.m.8 views

CVE-2025-11159

Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data source administrator...

9.1CVSS5.7AI score0.00342EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:37 p.m.10 views

CVE-2026-3314

Missing password field masking vulnerability in Hitachi Ops Center Analyzer Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe modules, Hitachi Ops Center Analyzer viewpoint, Hitachi Infrastructure Analytics Advisor Data Center Analytics, Analytics probe modules. This issu...

4.6CVSS5.5AI score0.00175EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:29 p.m.11 views

CVE-2026-2254

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, does not apply ACLs on certain API endpoints related to platform mail notfications...

6.3CVSS5.5AI score0.00154EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:29 p.m.10 views

CVE-2026-2255

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop cluster credentials in plain text through the Cluster Test API. Although the user should not see those explicitly, the defect is mitigated by the fact the user can...

4.3CVSS5.5AI score0.00165EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:15 p.m.13 views

CVE-2026-2253

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities...

7.7CVSS5.4AI score0.00201EPSS
Exploits0References1
Rows per page
Query Builder