Lucene search
K

4 matches found

Circl
Circl
added 2025/06/04 12:46 a.m.28 views

CVE-2025-49002

creationtimestamp| type| source ---|---|--- 2025-06-04 00:46:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqqlenppg22r 2025-10-21 11:03:17+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/56356 2025-10-21 15:00:12+00:00| published-proof-of-concept|...

9.8CVSS4.8AI score0.43192EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/06/03 8:37 p.m.6 views

CVE-2025-49002 Dataease H2 Database Remote Code Execution (RCE) Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through case insensitivity because INIT and RUNSCRIPT are prohibited. The vulnerability has been fixed in...

9.2CVSS6.3AI score0.43192EPSS
Exploits2References2
CVE
CVE
added 2025/06/03 8:37 p.m.125 views

CVE-2025-49002

DataEase (open source BI/visualization) contains a vulnerability in versions prior to 2.10.10 where a patch for CVE-2025-32966 can be bypassed due to case-insensitive handling, specifically when INIT and RUNSCRIPT are prohibited. The issue is fixed in v2.10.10. A GitHub exploit post (DataEase_Pos...

9.8CVSS7AI score0.43192EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2025/06/03 8:37 p.m.23 views

CVE-2025-49002 Dataease H2 Database Remote Code Execution (RCE) Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through case insensitivity because INIT and RUNSCRIPT are prohibited. The vulnerability has been fixed in...

9.2CVSS0.43192EPSS
Exploits2References2
Rows per page
Query Builder