16 matches found
EUVD-2023-32555
Malicious code in bioql PyPI...
CVE-2025-48006
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service DoS condition ma...
CVE-2025-48006
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service DoS condition ma...
CVE-2025-48006
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service DoS condition ma...
CVE-2025-48006
CVE-2025-48006 affects DataSpider Servista 4.4 and earlier. Root cause: improper restriction of XML external entity references (CWE-611). Impact: potential to read arbitrary files on the server filesystem and DoS; network-based exposure with low attack complexity. Exploitation details are not pro...
CVE-2025-48006
Improper restriction of XML external entity reference issue exists in DataSpider Servista 4.4 and earlier. If a specially crafted request is processed, arbitrary files on the file system where the server application for the product is installed may be read, or a denial-of-service DoS condition ma...
DataSpider Servista improper restriction of XML external entity references
Overview DataSpider Servista provided by Saison Technology Co.,Ltd. is a data integration software. DataSpider Servista contains the following vulnerability. Improper restriction of XML external entity reference CWE-611 - CVE-2025-48006 Shigeaki Tsunoda of Cyber Defense Institute, Inc. reported...
Ashisuto DataSpider Servista 代码问题漏洞
Ashisuto DataSpider Servista is an enterprise data integration platform from Ashisuto Japan. A code issue vulnerability exists in Ashisuto DataSpider Servista 4.4 and prior versions, which stems from an improperly restricted XML external entity reference that could result in the reading of...
PT-2025-39813
Name of the Vulnerable Software and Affected Versions DataSpider Servista versions 4.4 and earlier Description An improper restriction of XML external entity reference issue exists. Processing a specially crafted request may allow an attacker to read arbitrary files on the system where the server...
CVE-2023-28937
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...
Hardcoded credentials
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...
CVE-2023-28937
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...
PT-2023-22047 · Unknown · Scriptrunner For Amazon Sqs +2
Name of the Vulnerable Software and Affected Versions: DataSpider Servista versions 4.4 and earlier Description: The issue concerns the use of a hard-coded cryptographic key in DataSpider Servista, which is data integration software. This key is embedded in ScriptRunner and ScriptRunner for Amazo...
CVE-2023-28937
DataSpider Servista 4.4 and earlier is affected by a vulnerability where a cryptographic key is hard-coded into ScriptRunner and ScriptRunner for Amazon SQS. If an attacker with access to a target DataSpider Servista instance can obtain a Launch Settings file, they may operate with the user’s enc...
CVE-2023-28937
DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...
JVN#38222042: DataSpider Servista uses a hard-coded cryptographic key
DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. is a data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazon SQS,...