DataEase DB2/MongoDB JNDI Code Injection Vulnerability

DataEase is a set of Java-based development of open source data visualization and analysis tools to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . A code injection vulnerability exists in DataEase DB2/MongoDB JDBC...

EUVD-2025-6404

Malicious code in bioql PyPI...

CVE-2025-50070

Vulnerability in the JDBC component of Oracle Database Server. Supported versions that are affected are 23.4-23.8. Difficult to exploit vulnerability allows low privileged attacker having Authenticated OS User privilege with logon to the infrastructure where JDBC executes to compromise JDBC...

jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver

A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances...

Unspecified Vulnerability in Oracle Database Server JDBC

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. An unspecified vulnerability exists in the JDBC component of Oracle Database Server versions 11.2.0.4, 12.1.0.1, 12.1.0.2, which can be...