85 matches found
CVE-2026-40899
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a JDBC parameter blocklist bypass vulnerability in the MySQL datasource configuration. The Mysql class uses Lombok's @Data annotation, which auto-generates a public setter for the...
CVE-2026-40899
DataEase
EUVD-2026-23293
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a JDBC parameter blocklist bypass vulnerability in the MySQL datasource configuration. The Mysql class uses Lombok's @Data annotation, which auto-generates a public setter for the...
DataEase 安全漏洞
DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in operations. DataEase versions 2.10.20 and earlier contain security vulnerabilities...
CVE-2026-32949
SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery SSRF vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the...
PT-2026-7031
A vulnerability was identified in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /system/system/admins/assessments/pretest/loaddata.php. Such manipulation of the argument difficulty id leads to sql injection. It is possible to launch the attack...
CVE-2024-41358
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\import-export\import-load-data.php...
CVE-2025-64512
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in...
UBUNTU-CVE-2025-64512
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in...
CVE-2025-64512 pdfminer.six vulnerable to Arbitrary Code Execution via Crafted PDF Input
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in...
EUVD-2025-50815
Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in...
CVE-2025-64512
pdfminer.six contains an insecure deserialization vulnerability in the CMap loading path. The library uses pickle.loads() to deserialize CMap cache files; a malicious PDF can cause execution of code by pointing to a crafted .pickle.gz in the cmap directory. Affected releases are before the upstre...
Arbitrary Code Execution in pdfminer.six via Crafted PDF Input
Summary pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in pdfminer.six uses pickle.loads to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six distribution stored in th...
py-pdfminer.six -- Arbitrary Code Execution in pdfminer.six via Crafted PDF Input
Pieter Marsman reports: pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The CMapDB.loaddata function in pdfminer.six uses pickle.loads to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six...
PT-2025-46211
Name of the Vulnerable Software and Affected Versions Pdfminer.six versions prior to 20251107 Description Pdfminer.six is a tool for extracting information from PDF documents. Prior to version 20251107, the software could execute arbitrary code from a malicious pickle file when processing a...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990150)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990150 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In loaddata, make the validation of and skipping...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990330)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990330 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: emux: improve patch ioctl data validation In loaddata, make the validation of and skipping...
EUVD-2002-0226
Malware in sbrugna...
EUVD-2010-3667
Malware in sbrugna...
EUVD-2020-6193
Malware in sbrugna...