CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

Cvelist•added 2026/05/27 2:54 a.m.•26 views

CVE-2026-2253 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Restriction of XML External Entity Reference

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities...

7.7CVSS0.00032EPSS

Exploits0References1

CNNVD•added 2026/05/27 12:0 a.m.•8 views

Hitachi Vantara Pentaho Data Integration and Analytics 安全漏洞

Hitachi Vantara Pentaho Data Integration and Analytics is a business intelligence dashboard designer developed by Hitachi Vantara Corporation in the United States. Versions of Hitachi Vantara Pentaho Data Integration and Analytics prior to 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, contain...

6.3CVSS5.8AI score0.00038EPSS

Exploits0References1

CNNVD•added 2026/05/06 12:0 a.m.•4 views

HCL DFXAnalytics 安全漏洞

HCL DFXAnalytics is a software delivery and operations analytics platform developed by the Indian company HCL. HCL DFXAnalytics has a security vulnerability, which stems from the use of components with known vulnerabilities. The application also utilizes libraries or sub-components that are not...

9.8CVSS5.8AI score0.0005EPSS

Exploits0References1

OSV•added 2026/04/16 3:31 p.m.•2 views

GHSA-27H3-CRW2-Q36W SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue...

7.5CVSS5.8AI score0.00056EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-14630

Malware in sbrugna...

6.5CVSS5.7AI score0.00217EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-14879

Malware in sbrugna...

10CVSS9.5AI score0.00493EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-52958

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00033EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-57862

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00131EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2021-31887

Malicious code in bioql PyPI...

4.7CVSS5AI score0.00329EPSS

Exploits0References4

RedhatCVE•added 2025/05/22 10:54 p.m.•6 views

CVE-2022-31500

In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions...

7.8CVSS7AI score0.00033EPSS

Exploits0References1

OSV•added 2023/10/12 8:15 p.m.•3 views

CVE-2023-5562

An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server or KNIME Business Hub several JavaScript-based view nodes do not sanitize the data that is displayed by...

6.1CVSS5.8AI score0.00131EPSS

Exploits0References1

NVD•added 2023/10/12 8:15 p.m.•9 views

CVE-2023-5562

6.1CVSS6.1AI score0.00131EPSS

Exploits0References1

Prion•added 2023/10/12 8:15 p.m.•12 views

Cross site scripting

5.8CVSS6AI score0.00131EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/10/12 7:0 p.m.•13 views

CVE-2023-5562 Unsafe default allows for cross-site scripting attacks in KNIME Server and KNIME Business Hub

6.1CVSS6.3AI score0.00131EPSS

Exploits0References1

CVE•added 2023/10/12 7:0 p.m.•49 views

CVE-2023-5562

KNIME Analytics Platform before 5.2.0 is vulnerable to cross-site scripting when used as an executor for KNIME Server or KNIME Business Hub. The root cause is an unsafe default configuration where JavaScript-based view nodes do not sanitize data by default, allowing inline JavaScript to run in th...

6.1CVSS6.1AI score0.00131EPSS

Exploits0References1Affected Software1

CNNVD•added 2023/10/12 12:0 a.m.•2 views

Knime Analytics Platform Cross-Site Scripting Vulnerability

Knime Analytics Platform is a free and open source data analytics, reporting and integration platform from Knime, Switzerland. A cross-site scripting vulnerability exists in KNIME Analytics Platform versions prior to 5.2.0, which arises from insecure default settings that allow cross-site scripti...

6.1CVSS6.1AI score0.00131EPSS

Exploits0References2

Positive Technologies•added 2023/10/12 12:0 a.m.•2 views

PT-2023-32177 · Knime · Knime Analytics Platform

Name of the Vulnerable Software and Affected Versions: KNIME Analytics Platform versions prior to 5.2.0 Description: The issue is related to an unsafe default configuration that allows for a cross-site scripting attack. When KNIME Analytics Platform is used as an executor for either KNIME Server ...

6.1CVSS6AI score0.00131EPSS

Exploits0References6

OSV•added 2023/07/13 2:15 a.m.•1 views

CVE-2023-34130

SonicWall GMS and Analytics use outdated Tiny Encryption Algorithm TEA with a hardcoded key to encrypt sensitive data. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions...

9.8CVSS5.8AI score

Exploits0References2

CNVD•added 2023/04/25 12:0 a.m.•8 views

Denial of Service Vulnerability in Damon's Big Data Analytics Platform

Wuhan Damon Database Co., Ltd. is specialized in providing big data platform architecture consulting, data technology solution planning, product deployment and implementation in one big data platform company. A denial of service vulnerability exists in Damon's Big Data Analytics Platform, which c...

6.6AI score

Exploits0

CNNVD•added 2023/01/28 12:0 a.m.•1 views

Metabase 信息泄露漏洞

Metabase is an open source data analytics platform from Metabase Inc. Metabase is vulnerable to an information disclosure vulnerability that stems from exposing sensitive information to an unauthorized user. No details of the vulnerability are currently available...

5.7CVSS6.2AI score0.00274EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by