1255 matches found
Spoofing
Azure HDInsight Jupyter Notebook Spoofing Vulnerability...
CVE-2023-35394
CVE-2023-35394 affects Azure HDInsight Jupyter Notebook. The connected sources describe a spoofing vulnerability in Azure HDInsight Jupyter Notebook that could allow an attacker to pretend to be another user and potentially access or impersonate UI/session elements. The exact technical details (a...
CVE-2023-35394 Azure HDInsight Jupyter Notebook Spoofing Vulnerability
...
Azure HDInsight Jupyter Notebook Spoofing Vulnerability
...
PT-2023-25212
Name of the Vulnerable Software and Affected Versions Azure HDInsight affected versions not specified Description The issue concerns a spoofing vulnerability in Azure HDInsight Jupyter Notebook. No specific details about the technical aspects of the vulnerability, such as API endpoints, vulnerabl...
Cross-Site Scripting (XSS)
gitlab is vulnerable to a cross-site scripting XSS vulnerability. This vulnerability occurs due to improper neutralization of input during web page generation. An attacker can exploit this vulnerability by creating a malicious Jupyter notebook that contains a crafted tag. When a victim views the...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. An attacker can inject and execute malicious javascript through the blob viewer of notebooks...
Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining
A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique,"...
CVE-2023-24217
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability...
CVE-2023-24217
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability...
Arbitrary file deletion
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability...
AgileBio Electronic Lab Notebook 安全漏洞
AgileBio Electronic Lab Notebook is an editor from AgileBio Electronic. A security vulnerability exists in AgileBio Electronic Lab Notebook version v4.234 that stems from the presence of a local file inclusion vulnerability...
CVE-2023-24217
AgileBio Electronic Lab Notebook v4.234 was discovered to contain a local file inclusion vulnerability...
CVE-2023-24217
CVE-2023-24217 affects AgileBio Electronic Lab Notebook (Lab Collector) v4.234. Multiple connected sources (Exploit-DB, Red Hat, NVD, PRION, CNNVD) describe a local file inclusion vulnerability that enables an authenticated attacker to execute OS commands (RCE) on the underlying system. Exploit c...
Agilebio Lab Collector 4.234 Remote Code Execution
Exploit Title: Agilebio Lab Collector Electronic Lab Notebook Remote Code Execution Date: 2023-02-28 Exploit Author: Anthony Cole Vendor Homepage: https://labcollector.com/labcollector-lims/add-ons/eln-electronic-lab-notebook/ Version: v4.234 Contact: http://twitter.com/acole76 Website:...
Important: Red Hat Security Advisory: Red Hat OpenShift Data Science 1.22.1 security update
An update for kubeflow, dashboard, deployer is now available for Red Hat OpenShift Data Science 1.22. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...
Updated python-jupyterlab packages fix security vulnerability
Remote code execution, but requires user action to open a notebook. CVE-2021-32797, and other bug fixes...
SUSE CVE-2014-3429
IPython Notebook 0.12 through 1.x before 1.2 does not validate the origin of websocket requests, which allows remote attackers to execute arbitrary code by leveraging knowledge of the kernel id and a crafted page...
SUSE CVE-2015-6938
Cross-site scripting XSS vulnerability in the file browser in notebook/notebookapp.py in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via a folder name. NOTE: this was originally reported as a cross-site reque...
SUSE CVE-2015-7337
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files/, related to MIME types...