Lucene search
K

4 matches found

Cvelist
Cvelist
added 2025/11/06 12:7 a.m.8 views

CVE-2025-64164 DataEase is vulnerable to Oracle JNDI Injection

Dataease is an open source data visualization analysis tool. In versions 2.10.14 and below, DataEase did not properly filter when establishing JDBC connections to Oracle, resulting in a risk of JNDI injection Java Naming and Directory Interface injection. This issue is fixed in version 2.10.15...

9.3CVSS0.00508EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/11/06 12:7 a.m.5 views

CVE-2025-64164 DataEase is vulnerable to Oracle JNDI Injection

Dataease is an open source data visualization analysis tool. In versions 2.10.14 and below, DataEase did not properly filter when establishing JDBC connections to Oracle, resulting in a risk of JNDI injection Java Naming and Directory Interface injection. This issue is fixed in version 2.10.15...

9.3CVSS6.6AI score0.00508EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/09/03 5:34 a.m.5 views

CVE-2025-6507

A vulnerability in the h2oai/h2o-3 repository allows attackers to exploit deserialization of untrusted data, potentially leading to arbitrary code execution and reading of system files. This issue affects the latest master branch version 3.47.0.99999. The vulnerability arises from the ability to...

9.8CVSS8.5AI score0.12993EPSS
Exploits0References1
OSV
OSV
added 2019/04/04 4:29 p.m.3 views

CVE-2019-1003077

A missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpldoTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server...

6.5CVSS6.6AI score0.01486EPSS
Exploits0References3
Rows per page
Query Builder