CVE-2026-2253

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities...

CVE-2026-2255

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, expose Hadoop cluster credentials in plain text through the Cluster Test API. Although the user should not see those explicitly, the defect is mitigated by the fact the user can...

EUVD-2024-26046

Malicious code in bioql PyPI...

EUVD-2022-43054

Malicious code in bioql PyPI...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, which stems from...

Hitachi Vantara Pentaho Data Integration & Analytics 安全漏洞

Hitachi Vantara Pentaho Data Integration & Analytics is a data integration and analytics system from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.2.0.2, which stems from the CGG Draw API not properly...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server that stems from the presence of mishandled privileges,...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in its ability to disclose information through a server error message, allowing an intruder to expose the protected information.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to the disclosure of information through a server error message. Exploiting this vulnerability allows an attacker to remotely disclose the protected information...

Hitachi Vantara Pentaho Business Analytics Server 安全漏洞

Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server version 8.3.x, version 9.4.x up to and including version 9.4.0.1, and...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server’s server lies in the incorrect restriction on the path to the restricted-access catalog, which allows attackers to gain unauthorized access to protected information.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to an incorrect restriction on the path name to the restricted access catalog. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server lies in the use of non-standard URL paths for authentication solutions. This allows attackers to escalate their privileges.

The vulnerability of Hitachi Vantara Pentaho Business Analytics Server relates to the use of non-canonical URL paths for authentication solutions. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

CVE-2022-43938

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x cannot allow a system administrator to disable scripting capabilities of Pentaho Reports .prpt through the JVM script manager...

CVE-2022-43939

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented...

CVE-2022-4770

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.0 and 9.3.0.2, including 8.3.x display the full parametrized SQL query in an error message when an invalid character is used within a Pentaho Report .prpt...

CVE-2021-34684

Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the related databases, as demonstrated by an api/repos/dashboards/editor URI...

Hitachi Vantara Pentaho和Hitachi Vantara Pentaho Business Analytics 代码问题漏洞

Hitachi Vantara Pentaho is a service for storing and managing data in big data environments from Hitachi, Japan.Hitachi Vantara Pentaho Business Analytics is a business analytics platform from Hitachi Vantara, USA. for securely accessing, integrating, manipulating, visualizing and analyzing big...