2348 matches found
USN-6720-1 cacti vulnerability
Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graphview.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks...
ai.stapi:arango-axon (>=0.0.1 <=0.0.2), ai.stapi:arango-graph (>=0.0.1 <=0.0.2) +3816 more potentially affected by CVE-2024-1300 via io.vertx:vertx-core (>=4.3.4 <=4.4.7)
io.vertx:vertx-core MAVEN version =4.3.4, =0.0.1, =0.0.1, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =0.8.38, =22.9.0, =22.9.0, =23.9.1 and more Source cves: CVE-2024-1300 Source advisory:...
Important: grafana security and bug fix update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394). Bug Fixes: TRIAGE CVE-2024-1394 grafana: golang-fips/openssl: Memory leaks i...
[SECURITY] Fedora 39 Update: onnx-1.14.0-9.fc39
onnx provides an open source format for AI models, both deep learning and traditional ML. It defines an extensible computation graph model, as well as definitions of built-in operators and standard data types...
[SECURITY] Fedora 40 Update: onnx-1.14.1-2.fc40
onnx provides an open source format for AI models, both deep learning and traditional ML. It defines an extensible computation graph model, as well as definitions of built-in operators and standard data types...
Fedora: Security Advisory (FEDORA-2024-abe1e34fdb)
The remote host is missing an update for the...
Important: Red Hat Security Advisory: ACS 4.4 enhancement and security update
Important: Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes new features and bug fixes. This release includes the following features and updates: New Compliance capabilities...
GHSA-H2X6-5JX5-46HF RCE in TranformGraph().to_dot_graph function
Summary: RCE due to improper input validation in the TranformGraph.to_dot_graph function. Details: Due to improper input validation, a malicious user can provide a command or a script file as a value to the savelayout argument, which will be placed as the first value in a list of arguments passed to...
UBUNTU-CVE-2023-41334
Astropy is a project for astronomy in Python that fosters interoperability between Python astronomy packages. Version 5.3.2 of the Astropy core package is vulnerable to remote code execution due to improper input validation in the TranformGraph.to_dot_graph function. A malicious user can provide a...
Astropy Security Breach
Astropy is a Python astronomy project designed to promote interoperability between Python astronomy packages. A security vulnerability exists in Astropy version 5.3.2, which stems from an improper input validation issue in the function TranformGraph.to_dot_graph, leading to a remote code execution...
SUSE SLES12 Security Update : zabbix (SUSE-SU-2024:0862-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0862-1 advisory. The cause of vulnerability is improper validation of form input field Name on Graph page in Items section (CVE-2024-22119). Note that Nessus...
[SECURITY] Fedora 40 Update: dirgra-0.4-12.fc40
Simple Directed Graph Implementation...
BIT-TENSORFLOW-2021-41217 Null pointer exception when `Exit` node is not preceded by `Enter` op
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...
BloodHound - Six Degrees Of Domain Admin
BloodHound is a monolithic web application composed of an embedded React frontend with Sigma.js and a Go based REST API backend. It is deployed with a Postgresql application database and a Neo4j graph database, and is fed by the SharpHound and AzureHound data collectors. BloodHound uses graph...
PYSEC-2024-245
Apache Airflow, versions before 2.8.2, has a vulnerability that allows authenticated users to view DAG code and import errors of DAGs they do not have permission to view through the API and the UI. Users of Apache Airflow are recommended to upgrade to version 2.8.2 or newer to mitigate the risk...
Information Disclosure
microsoft/microsoft-graph-core is vulnerable to Information Disclosure. The vulnerability is due to the inclusion of test code that enables the use of the phpInfo function, specifically through the GetPhpInfo.php script, which can expose sensitive system information if the server is misconfigured...
PT-2024-40640 · Git +1 · Igraph
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by a global buffer overflow read. The crash occurs in the following functions: igraph_dl_yylex, igraph_dl_yyparse,...
CVE-2024-22119
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...
DEBIAN-CVE-2024-22119
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...