Lucene search

7 matches found

ATTACKERKB
added 2026/04/15 7:4 p.m. | 1 view

CVE-2026-6309

Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVSS: 8.3 | AI score: 5.8 | EPSS: 0.00045
Exploits: 0 | References: 3 | Affected Software: 1
CVE
added 2026/04/13 9:10 a.m. | 6 views

CVE-2026-35565

The CVE affects Apache Storm UI before 2.8.6. The Storm UI visualization component interpolates topology metadata (component IDs, stream names, grouping values) directly into HTML via innerHTML in parseNode() and parseEdge() without sanitization, enabling stored XSS when an authenticated user wit...

CVSS: 5.4 | AI score: 5.9 | EPSS: 0.0001
Exploits: 0 | References: 2 | Affected Software: 1
Github Security Blog
added 2026/02/20 9:31 p.m. | 6 views

Google Cloud Vertex AI SDK affected by Stored Cross-Site Scripting (XSS)

Stored Cross-Site Scripting (XSS) in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVSS: 8.6 | AI score: 5.9 | EPSS: 0.00086
Exploits: 2 | References: 6 | Affected Software: 1
NVD
added 2026/02/20 8:25 p.m. | 3 views

CVE-2026-2472

Stored Cross-Site Scripting (XSS) in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVSS: 8.6 | EPSS: 0.00086
Exploits: 2 | References: 2
Cvelist
added 2026/02/20 7:29 p.m. | 20 views

CVE-2026-2472 Stored Cross-Site Scripting (XSS) in Vertex AI Python SDK Visualization

Stored Cross-Site Scripting (XSS) in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform versions from 1.98.0 up to but not including 1.131.0 allows an unauthenticated remote attacker to execute arbitrary JavaScript in a victim's Jupyter or Colab environment...

CVSS: 8.6 | EPSS: 0.00086
Exploits: 2 | References: 1
Positive Technologies
added 2023/07/18 12:0 a.m. | 2 views

PT-2023-4024 · Oracle · Oracle Hyperion Workspace

Name of the Vulnerable Software and Affected Versions: Oracle Hyperion Workspace version 11.2.13.0.000
Description: The issue is related to insecure privilege management in the UI and Visualization component of Oracle Hyperion Workspace. It allows a low-privileged attacker with network access via...

CVSS: 8.7 | AI score: 7 | EPSS: 0.00337
Exploits: 0 | References: 6
CNVD
added 2019/07/17 12:0 a.m. | 3 views

Oracle Hyperion Workspace Component Access Control Error Vulnerability

Oracle Hyperion is a set of financial modeling applications from Oracle USA. The software provides financial closure, report production, etc. Hyperion Workspace is one of the modular business intelligence platforms. The platform can be in a single coordinated environment for a variety of data...

CVSS: 3.5 | AI score: 6.8 | EPSS: 0.00214
Exploits: 0 | References: 1