SUSE CVE-2017-1000031
SQL injection vulnerability in graphtemplatesinputs.php in Cacti 0.8.8b allows remote attackers to execute arbitrary SQL commands via the graphtemplateinputid and graphtemplateid parameters...
SUSE CVE-2017-1000388
Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, allowing anyone with Overall/Read permission to modify this data...
SUSE CVE-2018-20725
A cross-site scripting (XSS) vulnerability exists in graphtemplates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label...
SUSE CVE-2019-16723
In Cacti through 1.2.6, authenticated users may bypass authorization checks for viewing a graph via a direct graphjson.php request with a modified localgraphid parameter...
SUSE CVE-2020-7106
Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...
SUSE CVE-2020-23226
Multiple cross-site scripting (XSS) vulnerabilities exist in Cacti 1.2.12 in (1) reportsadmin.php, (2) dataqueries.php, (3) datainput.php, (4) graphtemplates.php, (5) graphs.php, (6) reportsadmin.php, and (7) datainput.php...
SUSE CVE-2021-41217
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in th...
SUSE CVE-2022-23578
TensorFlow is an open source machine learning framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of ImmutableExecutorState::Initialize. Here, we set item->kernel to nullptr but it is a simple OpKernel pointer so the memory that was previously allocated to it...
SUSE CVE-2023-0687
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246...
ROS-20230210-03
A vulnerability in the GNU C Library (glibc), the library of system calls and basic functions, is related to a buffer overflow in the monstartup function of the Call Graph Monitor component in the gmon.c file. Exploiting the vulnerability cou...
CVE-2023-0687
A vulnerability was found in the GNU C Library. This flaw affects the monstartup function of the gmon.c of the component Call Graph Monitor file. The manipulation leads to buffer overflow...
CVE-2023-0687
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246...
Design/Logic Flaw
A vulnerability was found in GNU C Library 2.38. It has been declared as critical. This vulnerability affects the function monstartup of the file gmon.c of the component Call Graph Monitor. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. VDB-220246...
CVE-2023-0687
Removed by vendor...
Apache AGE SQL injection vulnerability
Apache AGE is a PostgreSQL extension from the Apache Foundation that provides graphical database functionality. An SQL injection vulnerability exists in the Apache AGE driver, which stems from an inability to parameterize passed values, leading to SQL injection...
GUAC - Aggregates Software Security Metadata Into A High Fidelity Graph Database
Note: GUAC is under active development - if you are interested in contributing, please look at contributor guide and the "express interest" issue. Graph for Understanding Artifact Composition (GUAC) aggregates software security metadata into a high fidelity graph database—normalizing entity identiti...
A New Malware Called Album Stealer is Targeting Facebook Users
Threat Level Attack Report. For a detailed threat advisory, download the PDF file here. Summary: Album Stealer is a malware that disguises itself as a photo album and drops decoy adult images while performing malicious activity in the background. It uses a side-loading technique to execute malicious...