162 matches found
EUVD-2021-22950
Malware in sbrugna...
EUVD-2025-28417
Malicious code in bioql PyPI...
Security Bulletin: Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.7 SP2
Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.7 SP2 are available to download from Cloudera and IBM. Vulnerability Details CVEID:CVE-2017-7657 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by improper handling of Chunked...
Security Bulletin: Common vulnerabilities fixed in Cloudera Data Platform Private Cloud Base 7.1.9 SP1
Summary Common vulnerabilities fixed in Cloudera Data Platform Private Cloud Base 7.1.9 SP1 Vulnerability Details CVEID:CVE-2022-24785 DESCRIPTION: Moment.js could allow a remote attacker to traverse directories on the system, caused by improper validation of user supplied input. An attacker coul...
Security Bulletin: Multiple Vulnerabilities discovered in Cloudera Data Platform Private Cloud Base with IBM 7.1.7 SP2
Summary Multiple Vulnerabilities discovered in Cloudera Data Platform Private Cloud Base with IBM 7.1.7 SP2 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Cloudera Data Platform Priva...
CVE-2025-52219
SelectZero SelectZero Data Observability Platform before 2025.5.2 contains an Open Redirect vulnerability. Legacy UI fields can be used to create arbitrary external links via HTML Injection...
PT-2025-34773 · Unknown · Selectzero Data Observability Platform
Name of the Vulnerable Software and Affected Versions: SelectZero Data Observability Platform versions prior to 2025.5.2 Description: Improper sanitization of unspecified parameters allows attackers to inject arbitrary text or limited HTML into the login page. Recommendations: Update SelectZero...
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2025-06806)
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. A security vulnerability exists in IBM InfoSphere Information Server version 11.7, which stems...
Security Bulletin: Common vulnerabilities addressed in Cloudera Data Platform 7.1.9 HF2
Summary Fixes to common vulnerabilities discovered in Cloudera Data Platform 7.1.9 are available to download from Cloudera. Vulnerability Details CVEID:CVE-2017-15718 DESCRIPTION: Apache Hadoop could allow a remote attacker to obtain sensitive information, caused by a flaw in the YARN NodeManager...
CVE-2025-0719
IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a truste...
stroom Security Vulnerability
stroom is a highly scalable data storage, processing, and analytics platform open-sourced by GCHQ. A security vulnerability exists in stroom that stems from a vulnerability that allows bypassing the authentication of the stroom system when the ALB is configured and installed in a way that the...
Veeam Product Upgrade Guides
Upgrade Guides This article provides a list with links to the upgrade guides available within each product's user guide. Veeam Data Platform Veeam Backup & Replication Veeam ONE Veeam Recovery Orchestrator Veeam Plug-ins for Enterprise Applications Veeam Plug-in for SAP HANA Veeam Plug-in for...
VulnCheck KEV: CVE-2023-20263
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to security bypass due to json-jwt (CVE-2023-51774)
Summary json-jwt is used by IBM Cloud Pak for Data as part of the platform. CVE-2023-51774. Vulnerability Details CVEID:CVE-2023-51774 DESCRIPTION: json-jwt could allow a remote attacker to bypass security restrictions, caused by a sign/encryption confusion attack. By sending a specially crafted...
rudder-server is vulnerable to SQL injection
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the rudder role in PostgreSQL having superuser permissions by default. Version...
Malicious code in glovo-data-platform-declarative-airflow (PyPI)
MAL-2024-5183 Malicious code in glovo-data-platform-importer-brain (PyPI)
Malicious code in glovo-data-platform-importer-brain (PyPI)
MAL-2024-5182 Malicious code in glovo-data-platform-declarative-airflow (PyPI)