[SECURITY] Fedora 42 Update: zabbix-7.2.5-1.fc42

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

[SECURITY] Fedora 41 Update: zabbix-7.0.11-1.fc41

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

Linux Distros Unpatched Vulnerability : CVE-2022-31130

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open source observability and data visualization platform. Versions of Grafana for endpoints prior to 9.1.8 and 8.5.14 could leak authentication...

编号撤回

Siemens Opcenter Intelligence is a software from Siemens Germany. It is used to provide flexible reporting and analysis tools that enable companies to present data to the right people with appropriate visualizations. This CVE number has been withdrawn...

The vulnerability of the Kibana data visualization service, related to unlimited resource distribution, allows a perpetrator to cause a service failure.

The vulnerability of the Kibana data visualization service is related to the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure by sending a specially crafted request...

CVE-2022-39362

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, unsaved SQL queries are auto-executed, which could pose a possible attack vector. This issue is patched in versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9...

CVE-2024-31441

DataEase is an open source data visualization analysis tool. Due to the lack of restrictions on the connection parameters for the ClickHouse data source, it is possible to exploit certain malicious parameters to achieve arbitrary file reading. The vulnerability has been fixed in v1.18.19...

NextGeography NG Analyser 安全漏洞

NextGeography NG Analyser is a location-based data visualization and analysis application from NextGeography. A security vulnerability exists in NextGeography NG Analyser that stems from an authorization authentication that can be bypassed via a user control key, potentially leading to misuse of...

Apache Superset Authorization Issues Vulnerability (CNVD-2025-03545)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset suffers from an authorization issue vulnerability that stems from improper authorization settings that can be exploited by an attacker to use this API when FABADDSECURITYAPI is...

CVE-2024-52295 DataEase has a forged JWT token vulnerability

DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2...

CVE-2024-47073 Dataease arbitrary interface access vulnerability

DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends. In affected versions a the lack of signature verification of jwt tokens allows attackers to forge jwts which then allow access to any interface. The...

The vulnerability of the Grafana Alloy data visualization system lies in the absence of quotation marks when writing elements or search paths. This allows attackers to escalate their privileges.

The vulnerability of the Grafana Alloy data visualization system is related to the absence of quotation marks in the wording of elements or search paths. Exploiting this vulnerability can allow attackers to enhance their privileges...

Siemens SIMATIC SCADA and PCS 7 systems Remote Code Execution Vulnerability

SIMATIC Information Server is used to report and visualize process data stored in SIMATIC process Historian, the SIMATIC PCS 7, SIMATIC WinCC, and SIMATIC PCS-neo long-term archiving system. It stores process values, alarms, and batch data from the production plant in its database and provides...

The vulnerability of the Kibana data visualization service, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the Kibana data visualization service is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted YAML file...

The vulnerability of the Kibana data visualization service, related to deficiencies in the deserialization mechanism, allows attackers to execute arbitrary code.

The vulnerability of the Kibana data visualization service is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created YAML document...

[SECURITY] Fedora 40 Update: zabbix-6.0.33-1.fc40

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

PT-2024-29275 · Unknown · Streamlit-Geospatial

Name of the Vulnerable Software and Affected Versions: streamlit-geospatial versions prior to commit c4f81d9616d40c60584e36abb15300853a66e489 Description: The issue arises from the vis params variable, which takes user input in the 8 🏜️ Raster Data Visualization.py file. This input is later used i...

streamlit-geospatial 代码问题漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A code issue vulnerability exists in streamlit-geospatial that stems from pages/9? The url variable in VectorDataVisualization.py accepts user input, which is then passed...

streamlit-geospatial 安全漏洞

streamlit-geospatial is a streamlit multi-page application for geospatial applications open-sourced by Open Geospatial Solutions. A security vulnerability exists in streamlit-geospatial that stems from 8????? The visparams variable in RasterDataVisualization.py accepts user input that is then use...

The vulnerability of the Data Visualization component of the Oracle Business Intelligence Enterprise Edition software platform allows attackers to disclose protected information.

The vulnerability of the Data Visualization component of the Oracle Business Intelligence Enterprise Edition software exists due to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...