1032 matches found
EUVD-2024-1473
Malicious code in bioql PyPI...
EUVD-2022-46910
Malicious code in bioql PyPI...
EUVD-2025-28818
Malicious code in bioql PyPI...
EUVD-2023-23808
Malicious code in bioql PyPI...
EUVD-2023-36137
Malicious code in bioql PyPI...
CVE-2024-39420
creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:35+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...
CVE-2024-52858
creationtimestamp| type| source ---|---|--- 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18 16:44:33+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764...
CVE-2025-58748
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...
CVE-2025-58046
Dataease is an open-source data visualization and analysis platform. In versions up to and including 2.10.12, the Impala data source is vulnerable to remote code execution due to insufficient filtering in the getJdbc method of the io.dataease.datasource.type.Impala class. Attackers can construct...
CVE-2025-58748
CVE-2025-58748 affects DataEase up to version 2.10.12, where the H2 data source (H2.java) does not validate that a JDBC URL starts with jdbc:h2 . This enables a crafted configuration to substitute the Amazon Redshift driver and leverage socketFactory/socketFactoryArg to trigger a remote XML resou...
CVE-2025-58748 Dataease H2 data source JDBC URL validation bypass leads to remote code execution
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...
CVE-2025-58748 Dataease H2 data source JDBC URL validation bypass leads to remote code execution
Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation H2.java does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon...
CVE-2025-58046
Dataease CVE-2025-58046 affects the Impala data source in versions up to 2.10.12 due to insufficient filtering in getJdbc. An attacker can craft a JDBC connection string that triggers JNDI injection and RMI deserialization, enabling remote command execution. Remediation is to upgrade to 2.10.13 o...
CVE-2025-58046 Dataease has a JDBC attack vulnerability in the Impala datasource
Dataease is an open-source data visualization and analysis platform. In versions up to and including 2.10.12, the Impala data source is vulnerable to remote code execution due to insufficient filtering in the getJdbc method of the io.dataease.datasource.type.Impala class. Attackers can construct...
CVE-2025-9517
creationtimestamp| type| source ---|---|--- 2025-09-15 13:28:31+00:00| seen| MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f 2025-09-16 03:45:00+00:00| seen| MISP/acd0294c-4561-4286-a04e-5c02a1c67b1f...
DataEase 安全漏洞
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A security vulnerability exists in Dataease version 2.10.12 and earlier, which...
DataEase 代码问题漏洞
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. A code issue vulnerability exists in DataEase 2.10.12 and prior versions that...
PT-2025-37721
Name of the Vulnerable Software and Affected Versions: Dataease versions prior to 2.10.13 Description: Dataease is an open source data analytics and visualization platform. The H2 data source implementation H2.java lacks validation to ensure that a provided JDBC URL begins with jdbc:h2. This allo...
Linux Distros Unpatched Vulnerability : CVE-2024-6322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associate...
CVE-2025-53651
creationtimestamp| type| source ---|---|--- 2025-09-09 20:51:40+00:00| seen| MISP/e0a0042d-e47b-4875-b781-99d4428af3c2...