303 matches found
CVE-2025-25324
An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a crafted link...
PT-2024-8518 · Fortinet · Fortimanager +2
Name of the Vulnerable Software and Affected Versions: FortiManager versions 7.4.0 through 7.4.2 and prior to 7.2.5 FortiAnalyzer versions 7.4.0 through 7.4.2 and prior to 7.2.5 FortiAnalyzer-BigData versions 7.4.0 and prior to 7.2.7 Description: The issue is related to errors in handling relativ...
Marketing Trends: How to Use Big Data Effectively
What are the benefits of big data in marketing and SEO? Learn and find effective tactics for implementing…...
Command Execution Vulnerability in Multiple Products of FanSoft Software Co.
Fansoft Software Ltd. is a professional big data BI and analytics platform provider in China. A command execution vulnerability exists in multiple products of SailSoft Software Limited, which can be exploited by attackers to gain control of a server...
Learn to Secure Petabyte-Scale Data in a Webinar with Industry Titans
Data is growing faster than ever. Remember when petabytes that's 1,000,000 gigabytes! were only for tech giants? Well, that's so last decade! Today, businesses of all sizes are swimming in petabytes. But this isn't just about storage anymore. This data is ALIVE—it's constantly accessed, analyzed,...
CVE-2024-31601
An issue in Beijing Panabit Network Software Co., Ltd Panalog big data analysis platform v. 20240323 and before allows attackers to execute arbitrary code via the exportpdf.php component...
CVE-2024-31601
CVE-2024-31601 affects Beijing Panabit Network Software Co., Ltd. Panalog big data analysis platform (version 20240323 and earlier). The issue allows attackers to execute arbitrary code via the exportpdf.php component, with a CVSSv3.1 base score of 9.8 (Network, High impact on confidentiality, in...
Arbitrary File Download Vulnerability in Yonghong Z-Suite of Beijing Yonghong Business Intelligence Technology Co.
Yonghong Z-Suite is a one-stop big data analytics platform. Yonghong Z-Suite has an arbitrary file download vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2024-28251
Querybook is a Big Data Querying UI, combining collocated table metadata and a simple notebook interface. Querybook's datadocs functionality works by using a Websocket Server. The client talks to this WSS whenever updating/deleting/reading any cells as well as for watching the live status of quer...
CVE-2024-28251
Querybook (Big Data Querying UI) exposes a cross-site websocket hijacking risk due to permissive CORS on its WebSocket Server. The issue affects datadocs functionality where the client communicates with a WebSocket Server to update/read/delete cells and monitor query execution, enabling an attack...
CVE-2024-27103
Querybook is a Big Data Querying UI. When a user searches for their queries, datadocs, tables and lists, the search result is marked and highlighted, and this feature uses dangerouslySetInnerHTML which means that if the highlighted result has an XSS payload it will trigger. While the input to...
Design/Logic Flaw
Querybook is a Big Data Querying UI. When a user searches for their queries, datadocs, tables and lists, the search result is marked and highlighted, and this feature uses dangerouslySetInnerHTML which means that if the highlighted result has an XSS payload it will trigger. While the input to...
CVE-2024-27103 Querybook Stored Cross-Site Scripting allows Privilege Elevation
Querybook is a Big Data Querying UI. When a user searches for their queries, datadocs, tables and lists, the search result is marked and highlighted, and this feature uses dangerouslySetInnerHTML which means that if the highlighted result has an XSS payload it will trigger. While the input to...
openBI Code Injection Vulnerability
openBI is a big data visualization solution from openBI. A code injection vulnerability exists in openBI 1.0.8 and earlier versions, which stems from a problem with the index function in the /application/index/controller/Screen.php file, which could lead to code injection. Currently there are no...
Vulnerabilities fixed in Oracle Database products
Oracle has fixed vulnerabilities in several Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Denial-of-Service DoS. Remote code execution User rights Access to sensitive data Access to system da...
Oracle Patch Update, January 2024 Security Update Review
Oracle has released its first quarterly edition of Critical Patch Update, which contains patches for 389 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in a wide range of product families, includin...
File Upload Vulnerability in Yonghong BI of Beijing Yonghong Business Intelligence Technology Co.
Beijing Yonghong Business Intelligence Technology Co., Ltd. is committed to providing global enterprises with big data technology products and services, relying on independent intellectual property rights of the one-stop big data platform to form a perfect product and service system, with...
Oracle GoldenGate for Big Data RCE (October 2023 CPU)
According to its self-reported version number, the Oracle GoldenGate for Big Data application located on the remote host is 21.3 = 21.10. It is, therefore, affected by a remote code execution vulnerability: - Vulnerability in the GoldenGate Big Data product of Oracle GoldenGate component:...
The rise of AI-powered criminals: Identifying threats and opportunities
AIs influence is growing across the security space, bringing with it major implications for cybercriminals and defenders. The recent adoption of AI has raised significant concerns for cybersecurity due to the many ways that criminals can use AI for disruption and profit. Defenders and law...
Unauthorized Access Vulnerability in Damon's Big Data Analytics Platform
Wuhan Damon Database Co., Ltd. is specialized in providing big data platform architecture consulting, data technology solution planning, product deployment and implementation in one big data platform company. Unauthorized access vulnerability exists in Damon Big Data Analytics Platform, which can...