CVE-2025-64163

DataEase is an open source data visualization analysis tool. In versions 2.10.14 and below, the vendor added a blacklist to filter ldap:// and ldaps://. However, omission of protection for the dns:// protocol results in an SSRF vulnerability. This issue is fixed in version 2.10.15...

EUVD-2025-6385

Malicious code in bioql PyPI...

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. DataEase version before 2.10.12 has a security vulnerability , the vulnerabilit...

VulnCheck KEV: CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. DataEase v1.18.19 before the version of a security vulnerability , the vulnerability stems from ClickHous...

CVE-2023-32310 DataEase API interface has IDOR vulnerability

DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references IDOR. This could result in a user deleting another user's dashboard or messages or interfering with the...

Visual Mining NetCharts Server Arbitrary File Upload Vulnerability

Visual Mining NetCharts Server is a set of data visualization tools. The tool supports the generation of data in the form of charts, graphs, reports, and more. An arbitrary file upload vulnerability exists in Visual Mining NetCharts Server, which allows remote attackers to exploit the vulnerabili...