28 matches found
CVE-2026-2253 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Restriction of XML External Entity Reference
Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities...
CVE-2026-8202
CVE-2026-8202 affects MongoDB Server prior to certain fixed versions: v7.0 before 7.0.34, v8.0 before 8.0.23, v8.2 before 8.2.9, and v8.3 before 8.3.2. The issue is a post-authentication CPU DoS caused by using a densely populated characters mask with large input strings in the MongoDB aggregatio...
GitLab 8.3 < 18.5.5 / 18.6 < 18.6.3 / 18.7 < 18.7.1 (CVE-2025-10569)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.5.5, 18.6 before 18.6.3, and 18.7 before 18.7.1 that could have allowed an authenticated user to create a denia...
CVE-2025-9121 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data
Pentaho Data Integration and Analytics Community Dashboard Editor plugin versions before 10.2.0.4, including 9.3.0.x and 8.3.x, deserialize untrusted JSON data without constraining the parser to approved classes and methods...
Linux Distros Unpatched Vulnerability : CVE-2019-12446
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message. CVE-2019-12446 No...
Hitachi Vantara Pentaho Business Analytics Server 安全漏洞
Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Ltd Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.2, 9.3.x, and 8.3.x. The...
CVE-2024-49781
IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is vulnerable to an XML external entity injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
IBM OpenPages with Watson 代码问题漏洞
IBM OpenPages with Watson is an AI-powered financial risk analytics solution from International Business Machines IBM. The platform is based on AI technology to predict risk factors and minimize risks in financial activities by integrating, automatically identifying, measuring, monitoring,...
PHP 安全漏洞
PHP is a scripting language in which PHP is executed server-side. PHP has a security vulnerability. An attacker exploiting this vulnerability could cause the buffer to over-read a byte, which could result in a crash or leak the contents of other memory areas. The following versions are affected:...
PT-2024-8873
Name of the Vulnerable Software and Affected Versions: PHP versions 8.1. before 8.1.31 PHP versions 8.2. before 8.2.26 PHP versions 8.3. before 8.3.14 Description: The issue is related to an error in the convert.quoted-printable-decode filter, which can lead to a buffer overread by one byte. This...
PT-2024-10414 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue is related to the web interface of IBM OpenPages and IBM OpenPages with Watson, where insufficient measures are taken to protect the web page structure. This allows a...
PT-2025-7446 · Hitachi Vantara · Pentaho Data Integration & Analytics
Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Data Integration & Analytics versions prior to 10.2.0.0 and 9.3.0.9, including 8.3.x Description: The product receives input from an upstream component but does not restrict or incorrectly restricts the input before it...
AZL-40061 CVE-2024-3096 affecting package php for versions less than 8.3.6-1
In PHP version 8.1. before 8.1.28, 8.2. before 8.2.18, 8.3. before 8.3.5, if a password stored with passwordhash starts with a null byte \x00, testing a blank string as the password via passwordverify will incorrectly return true...
PT-2024-12764 · Ibm · Ibm Openpages With Watson
Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue provides weaker than expected security in an OpenPages environment using Native authentication. An attacker with access to the OpenPages database could exploit this...
CVE-2023-0921 Allocation of Resources Without Limits or Throttling in GitLab
A lack of length validation in GitLab CE/EE affecting all versions from 8.3 before 15.10.8, 15.11 before 15.11.7, and 16.0 before 16.0.2 allows an authenticated attacker to create a large Issue description via GraphQL which, when repeatedly requested, saturates CPU usage...
Hitachi Vantara Pentaho Business Analytics Server 代码问题漏洞
Hitachi Vantara Pentaho Business Analytics Server is a modern data blending, integration, and business analytics platform from Hitachi, Japan. A security vulnerability exists in Hitachi Vantara Pentaho Business Analytics Server version 8.3.x, version 9.4.x up to and including version 9.4.0.1, and...
PT-2023-2238
Name of the Vulnerable Software and Affected Versions Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x Description The issue is related to the use of non-canonical URL paths for authorization solutions, which can be circumvented. This can allo...
Hitachi Pentaho Business Analytics 路径遍历漏洞
Hitachi Pentaho Business Analytics is a business analytics platform from Hitachi, Japan, Inc. for securely accessing, integrating, manipulating, visualizing and analyzing big data assets. A security vulnerability exists in Hitachi Pentaho Business Analytics version 9.2.0.2 prior to version 9.2 an...
Veritas NetBackup 安全漏洞
Veritas NetBackup is a storage service from Veritas, Inc. that is used to provide backup and recovery capabilities for enterprise environments. The software supports the detection of ransomware and backup protection of environmental data such as metadata and virtual environments. A security...
CVE-2021-45425
Reflected Cross Site Scripting XSS in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes...