| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-6696 | Hitachi Vantara Pentaho Business Analytics Server - Insufficient Granularity of Access Control | Hitachi Vantara | Pentaho Data Integration & Analytics | Medium | 4.9 | 2025-02-19 23:29:43 | Deep Dive |
| CVE-2024-37361 | Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data | Hitachi Vantara | Pentaho Data Integration & Analytics | Critical | 9.9 | 2025-02-19 23:25:33 | Deep Dive |
| CVE-2024-37360 | Hitachi Vantara Pentaho Business Analytics Server - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Hitachi Vantara | Pentaho Data Integration & Analytics | Medium | 4.4 | 2025-02-19 23:01:42 | Deep Dive |
| CVE-2024-37359 | Hitachi Vantara Pentaho Business Analytics Server – Server Side Request Forgery | Hitachi Vantara | Pentaho Data Integration & Analytics | High | 8.6 | 2025-02-19 22:58:58 | Deep Dive |
| CVE-2024-5705 | Hitachi Vantara Pentaho Business Analytics Server - Incorrect Authorization | Hitachi Vantara | Pentaho Data Integration & Analytics | High | 8.8 | 2025-02-19 22:55:09 | Deep Dive |
| CVE-2024-5706 | Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') | Hitachi Vantara | Pentaho Data Integration & Analytics | High | 8.8 | 2025-02-19 22:49:47 | Deep Dive |
| CVE-2025-24615 | WordPress Analytics Cat Plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability | fatcatapps | Analytics Cat | High | 7.1 | 2025-02-14 12:44:35 | Deep Dive |
| CVE-2025-25145 | WordPress Infusionsoft Analytics Plugin <= 2.0 - Cross-Site Request Forgery (CSRF) vulnerability | jordan.hatch | Infusionsoft Analytics | Medium | 5.4 | 2025-02-07 10:11:49 | Deep Dive |
| CVE-2024-49352 | IBM Cognos Anaytics XML external entity injection | IBM | Cognos Analytics | High | 7.1 | 2025-02-05 10:58:34 | Deep Dive |
| CVE-2024-10591 | MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics <= 1.5.9 - Missing Authorization to Authenticated (Contributor+) Arbitrary Options Update | makewebbetter | MWB HubSpot for WooCommerce – CRM, Abandoned Cart, Email Marketing, Marketing Automation & Analytics | High | 8.8 | 2025-01-30 13:42:09 | Deep Dive |
| CVE-2023-38009 | IBM Cognos Analytics Mobile information disclosure | IBM | Cognos Analytics Mobile | Medium | 4.2 | 2025-01-26 15:57:42 | Deep Dive |
| CVE-2024-35134 | IBM Analytics Content Hub information disclosure | IBM | Analytics Content Hub | Medium | 5.3 | 2025-01-25 14:05:45 | Deep Dive |
| CVE-2024-39750 | IBM Analytics Content Hub buffer overflow | IBM | Analytics Content Hub | High | 8.8 | 2025-01-25 14:04:41 | Deep Dive |
| CVE-2024-40693 | IBM Planning Analytics file upload | IBM | Planning Analytics Local | High | 8.0 | 2025-01-24 15:26:27 | Deep Dive |
| CVE-2024-25034 | IBM Planning Analytics file upload | IBM | Planning Analytics Local | High | 8.0 | 2025-01-24 15:25:06 | Deep Dive |
| CVE-2025-21532 | Oracle Analytics 安全漏洞 | Oracle Corporation | Oracle Analytics Desktop | High | 7.8 | 2025-01-21 20:53:09 | Deep Dive |
| CVE-2025-23848 | WordPress Hotspots Analytics plugin <= 4.0.12 - CSRF to Stored XSS vulnerability | dpowney | Hotspots Analytics | High | 7.1 | 2025-01-16 20:07:22 | Deep Dive |
| CVE-2025-23743 | WordPress Social Analytics plugin <= 0.2 - CSRF to Stored XSS vulnerability | MartijnScheijbeler | Social Analytics | High | 7.1 | 2025-01-16 20:06:50 | Deep Dive |
| CVE-2025-23483 | WordPress Universal Analytics Injector plugin <= 1.0.3 - CSRF to Stored XSS vulnerability | hoyce | Universal Analytics Injector | High | 7.1 | 2025-01-16 20:05:50 | Deep Dive |
| CVE-2024-11386 | GatorMail SmartForms <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting | wow-analytics | GatorMail SmartForms | Medium | 6.4 | 2025-01-11 07:21:55 | Deep Dive |