Vulnerabilidades en dataease
72 resultadosCVE-2025-27138HIGHDataEase has an improper authentication vulnerabilityEPSS 0.5%CVE-2023-25807HIGHDataEase dashboard has a stored XSS vulnerabilityEPSS 0.5%CVE-2025-53004HIGHDataease Redshift Data Source JDBC Connection Parameters Bypass VulnerabilityEPSS 0.5%CVE-2025-53005HIGHDataease PostgreSQL Data Source JDBC Connection Parameters Bypass VulnerabilityEPSS 0.5%CVE-2025-64164HIGHDataEase is vulnerable to Oracle JNDI InjectionEPSS 0.5%CVE-2025-64428HIGHDataEase DB2 JNDI VulnerabilityEPSS 0.5%CVE-2026-23958HIGHDataEase Vulnerable to Brute-Force Attack on Admin JWT Secret Derived from Password that Enables Full Account TakeoverEPSS 0.5%CVE-2023-28435MEDIUMDataease file upload interface does not verify permission or file typeEPSS 0.5%CVE-2025-62422HIGHDataEase SQL injection vulnerabilityEPSS 0.5%CVE-2026-32939HIGHDataEase is Vulnerable to H2 JDBC RCE BypassEPSS 0.4%CVE-2025-48998HIGHDataease MYSQL JDBC File Reading VulnerabilityEPSS 0.4%CVE-2026-32949HIGHSQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQLEPSS 0.4%CVE-2025-27103HIGHDataease Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read VulnerabilityEPSS 0.4%CVE-2026-32137CRITICALDataEase SQL Injection VulnerabilityEPSS 0.4%CVE-2026-33122HIGHDataEase has SQL Injection via Datasource ManagementEPSS 0.4%CVE-2025-69285HIGHSQLBot uploadExcel Endpoint has Unauthenticated Arbitrary File Upload vulnerabilityEPSS 0.4%CVE-2025-62419HIGHDataEase vulnerable to JDBC URL injection in DB2 and MongoDB data source configurationEPSS 0.4%CVE-2026-40899HIGHDataEase has an Arbitrary File Read VulnerabilityEPSS 0.4%CVE-2023-35164MEDIUMUnauthorized users can manipulate a dashboard created by an administrator in DataEaseEPSS 0.4%CVE-2023-37257MEDIUMThe DataEase panel and dataset have a stored XSS vulnerabilityEPSS 0.4%