Vulnerabilities > Dataease

DATE CVE VULNERABILITY TITLE RISK
2023-06-01 CVE-2023-32310 Authorization Bypass Through User-Controlled Key vulnerability in Dataease
DataEase is an open source data visualization and analysis tool.
network
low complexity
dataease CWE-639
8.1
2023-06-01 CVE-2023-33963 Deserialization of Untrusted Data vulnerability in Dataease
DataEase is an open source data visualization and analysis tool.
network
low complexity
dataease CWE-502
critical
9.8
2023-03-28 CVE-2023-28637 Unspecified vulnerability in Dataease
DataEase is an open source data visualization analysis tool.
network
low complexity
dataease
8.8
2023-03-25 CVE-2023-28437 Unspecified vulnerability in Dataease
Dataease is an open source data visualization and analysis tool.
network
low complexity
dataease
critical
9.8
2023-03-24 CVE-2023-28435 Unspecified vulnerability in Dataease
Dataease is an open source data visualization and analysis tool.
network
low complexity
dataease
6.1
2023-02-28 CVE-2023-25807 Cross-site Scripting vulnerability in Dataease
DataEase is an open source data visualization and analysis tool.
network
low complexity
dataease CWE-79
5.4
2023-02-15 CVE-2021-38239 SQL Injection vulnerability in Dataease
SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10.
network
low complexity
dataease CWE-89
7.5
2022-10-25 CVE-2022-39312 Deserialization of Untrusted Data vulnerability in Dataease
Dataease is an open source data visualization analysis tool.
network
low complexity
dataease CWE-502
critical
9.8
2022-07-22 CVE-2022-34113 Unspecified vulnerability in Dataease 1.11.1
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.
network
low complexity
dataease
critical
9.8
2022-02-08 CVE-2022-23331 Unspecified vulnerability in Dataease 1.6.1
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.
network
low complexity
dataease
8.8