[SECURITY] Fedora 32 Update: grafana-6.7.3-1.fc32

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

[SECURITY] Fedora 31 Update: grafana-6.7.3-1.fc31

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

The vulnerability of the local_graph_id function in the Cacti server monitoring system allows unauthorized access by bypassing authentication using a user-controlled key. This enables attackers to gain access to confidential data.

The vulnerability of the localgraphid function in the Cacti server monitoring system is related to an authentication check error for viewing graphs. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

QRadar Community Edition 7.3.1.6 PHP Object Injection Vulnerability

Exploit for php platform in category web applications ------------------------------------------------------------------------ PHP object injection vulnerability in QRadar Forensics web application ------------------------------------------------------------------------ Abstract...

December 5, 2017, update for Office 2016 (KB4011211)

December 5, 2017, update for Office 2016 KB4011211 This article describes update 4011211 for Microsoft Office 2016 that was released on December 5, 2017. This update has a prerequisite. Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition...

Unspecified Vulnerability in GitLab EE/CE (CNVD-2020-22241)

GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab EE/CE, which ca...

Jackdaw - Tool To Collect All Information In Your Domain And Show You Nice Graphs

Jackdaw is here to collect all information in your domain, store it in a SQL database and show you nice graphs on how your domain objects interact with each-other an how a potential attacker may exploit these interactions. It also comes with a handy feature to help you in a password-cracking...

Awspx - A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments

auspex ˈau̯s.pɛks noun : An augur of ancient Rome, especially one who interpreted omens derived from the observation of birds. awspx is a graph-based tool for visualizing effective access and resource relationships within AWS. It resolves policy information to determine what actions affect which...

Prototype Pollution

rdf-graph-array is vulnerable to prototype pollution. The vulnerability exists as the rdf.Graph.prototype.add method could be used to add or modify properties of Object.prototype...

CVE-2019-10798

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

CVE-2019-10798

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

Design/Logic Flaw

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

CVE-2019-10798

CVE-2019-10798 concerns prototype pollution in the JavaScript graph library rdf-graph-array (affected up to 0.3.0-rc6). The issue arises from rdf.Graph.prototype.add being able to inject/modify properties on Object.prototype. Public sources (NVD/Red Hat/Snyk/Veracode, etc.) describe this as a pro...

CVE-2019-10798

rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects resutling in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype...

MISA expands with new members and new product additions

Another RSA Conference RSAC and another big year for the Microsoft Intelligent Security Association MISA. MISA was launched at RSAC 2018 with 26 members and a year later we had doubled in size to 53 members. Today, I am excited to share that the association has again doubled in size to 102 member...

SAS Visual Analytics Cross-Site Scripting Vulnerability

SAS Visual Analytics is data visualization software that helps build and design interactive Web dashboards. A cross-site scripting vulnerability exists in the graph generator in SAS Visual Analytics 8.5. An attacker can exploit this vulnerability to execute malicious Javascript in a user's browse...

Cacti Arbitrary OS Command Execution Vulnerability (CNVD-2020-13156)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A security vulnerability exists in the graphrealtime.php file in...

CVE-2020-9350

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...

CVE-2020-9350

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...

Cross site scripting

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly...