2345 matches found
Design/Logic Flaw
An unspecified ActiveX control in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to overwrite arbitrary files via unknown vectors...
CVE-2012-1814
Cross-site scripting (XSS) vulnerability in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2012-1817
Buffer overflow in Emerson DeltaV and DeltaV Workstations 9.3.1, 10.3.1, 11.3, and 11.3.1 and DeltaV ProEssentials Scientific Graph 5.0.0.6 allows user-assisted remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via an invalid field in a project file...
EnjoyGraph Communication SQL Injection
Exploit database separated by exploit type (local, remote, DoS, etc.) + Site : 1337day.com + Support e-mail :...
Fedora Update for rocs FEDORA-2011-13417
Check for the Version of rocs OpenVAS Vulnerability Test Fedora Update for rocs FEDORA-2011-13417 Authors: System Generated Check Copyright: Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Emerson DeltaV Multiple Vulnerabilities
Overview ICS-CERT originally released Advisory ICSA-12-138-01P to the US-CERT secure portal on May 17, 2012, and released Update A on May 21, 2012. This web page release including Update A was delayed to allow users time to download and install the update. Researcher Kuang-Chun Hung of the Securi...
New Approach to automatically detecting bugs and vulnerabilities in Linux
New Approach to automatically detecting bugs and vulnerabilities in Linux Australian researcher Silvio Cesare, a PhD student at Deakin University, has released a tool capable of automatically detecting bugs and vulnerabilities in embedded Linux libraries. Developers may "embed" or "clone" code from...
[SECURITY] Fedora 16 Update: kalgebra-4.7.1-1.fc16
2D and 3D Graph Calculator...
[SECURITY] Fedora 16 Update: rocs-4.7.1-3.fc16
Graph Theory IDE...
Fedora 14 : nip2-7.24.2-1.fc14 / vips-7.24.7-2.fc14 (2011-10781)
7.24 series. Run-time code generation Open via disc mode Workspace as Graph mode for nip2 FITS image format VIPS rewrite Better nibs in paintbox Better TIFF and JPEG load Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...
CVE-2011-2093
CVE-2011-2093 affects Adobe LiveCycle Data Services (versions 3.1 and earlier), LiveCycle 9.0.0.2 and earlier, and BlazeDS 4.0.1 and earlier. The vulnerability arises from improper handling of object graphs, described as a “complex object graph vulnerability,” which can allow an attacker to cause...
Tom Sawyer Software GET Extension Factory COM Object Instantiation Memory Corruption
Tom Sawyer Software's GET Extension Factory, a component used for graph visualization applications, is installed on the remote Windows host. It may have been bundled with a third-party application, such as the VMware Infrastructure Client or Embarcadero ER / Studio XE2. The installed version of...
Fedora 13 : cgit-0.9-1.fc13 (2011-2815)
In addition to closing a DOS vulnerability thanks to Jim Meyering, this upstream feature release adds the following enhancements : - Support for side-by-side diffs - Support for repo content in 'about' view - Improved integration with gitolite/gitweb - Support for git notes in commit/log view -...
Fedora 14 : cgit-0.9-1.fc14 (2011-2803)
In addition to closing a DOS vulnerability thanks to Jim Meyering, this upstream feature release adds the following enhancements : - Support for side-by-side diffs - Support for repo content in 'about' view - Improved integration with gitolite/gitweb - Support for git notes in commit/log view -...
Fedora 12 : bugzilla-3.4.9-1.fc12 (2010-17235)
The following security issues have been discovered in Bugzilla : - There is a way to inject both headers and content to users, causing a serious Cross-Site Scripting vulnerability. - It was possible to see graphs from Old Charts even if you did not have access to a particular product, and you cou...
Code injection
The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL...
Novell PlateSpin Orchestrate Graph Rendering Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell PlateSpin Orchestrate. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application utilizes a bundled component for rendering graphs. Th...
CVE-2010-2545
Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via (1) the name element in an XML template to templatesimport.php; and allow remote...
DEBIAN-CVE-2010-2543
Cross-site scripting (XSS) vulnerability in include/topgraphheader.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graphstart parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-4032.2.b...