2349 matches found
Cross-site Scripting (XSS)
Overview @cosmos.gl/graph is a GPU-based force graph layout and rendering Affected versions of this package are vulnerable to Cross-site Scripting XSS due to writing a user-controllable HTML string directly to the DOM without sanitization. An attacker can execute arbitrary JavaScript code in a...
CVE-2023-7315
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7316
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READONCE when accessing fgrapharray In ftracereturntohandler, a loop iterates over the fgrapharray elements, which are fgraphops. The loop checks if an element is a fgraphstub to prevent using a fgraphstub afterward...
OESA-2025-2557 thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: This vulnerability affects Firefox versions prior to 143 and Firefox ESR versions prior to 140.3. Specific vulnerability type and impact details require further confirmation.CVE-2025-10527 This vulnerability affects...
CVE-2023-7316
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7315
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7315
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7316
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7316 Nagios XI < 2024R1 XSS via Graph Explorer
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7316 Nagios XI < 2024R1 XSS via Graph Explorer
Nagios XI versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7316
CVE-2023-7316 concerns Nagios XI prior to 2024R1. The vulnerability is an XSS flaw in the Graph Explorer component caused by insufficient validation or escaping of user-supplied input, enabling an attacker to inject and execute arbitrary script in a victim’s browser. Affected software: Nagios XI ...
CVE-2023-7315 Nagios XI < 5.11.3 XSS via Graph Explorer
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7315 Nagios XI < 5.11.3 XSS via Graph Explorer
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Graph Explorer component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7315
Nagios XI prior to version 5.11.3 is affected by a cross-site scripting (XSS) vulnerability in the Graph Explorer component. The root cause is insufficient validation or escaping of user-supplied input, enabling an attacker to inject and execute arbitrary script in a victim’s browser. Supported b...
EUVD-2025-36994
Apache Airflow /api/v2/dagReports executes DAG Python in API...
CVE-2025-62402
API users via /api/v2/dagReports could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available...
thunderbird: firefox: Use-after-free in MediaTrackGraphImpl::GetInstance()
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in MediaTrackGraphImpl::GetInstance...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1, which stems from insufficient...
A Survey of Heterogeneous Graph Neural Networks for Cybersecurity Anomaly Detection
Anomaly detection is a critical task in cybersecurity, where identifying insider threats, access violations, and coordinated attacks is essential for ensuring system resilience. Graph-based approaches have become increasingly important for modeling entity interactions, yet most rely on homogeneou...