2609 matches found

PyPA
added 2022/08/25 6:15 p.m. · 6 views

PYSEC-2022-255

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

7.5 CVSS · 6.8 AI score · 0.00483 EPSS
Exploits 1 · References 2 · Affected Software 1

OSV
added 2022/08/25 6:15 p.m. · 0 views

UBUNTU-CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

7.5 CVSS · 7.1 AI score · 0.00483 EPSS
Exploits 1 · References 4

CNNVD
added 2022/08/25 12:00 a.m. · 2 views

VTK code issue vulnerability

VTK is an open source software system for image processing, 3D graphics, body drawing and visualization. VTK suffers from a code issue vulnerability that stems from its IO/Infovis/vtkXMLTreeReader.cxx component not checking the return value of the libxml2 API "xmlDocGetRootElement" and attempting...

7.5 CVSS · 5.7 AI score · 0.00483 EPSS
Exploits 1 · References 4

Prion
added 2022/08/24 4:15 p.m. · 16 views

Format string

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

3.2 CVSS · 8.2 AI score · 0.0005 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/08/24 3:15 p.m. · 12 views

CVE-2022-34838 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

8.1 CVSS · 8.5 AI score · 0.0005 EPSS
Exploits 0 · References 1

Positive Technologies
added 2022/08/24 12:00 a.m. · 3 views

PT-2022-22387 · Abb · Abb Zenon

Name of the Vulnerable Software and Affected Versions: ABB Zenon version 8.20 Description: The issue allows an attacker to add or alter data points and corresponding attributes. Once such engineering data is used, the data visualization will be altered for the end user. Recommendations: For ABB...

8.4 CVSS · 8.3 AI score · 0.0005 EPSS
Exploits 0 · References 3

OSV
added 2022/08/23 10:15 a.m. · 1 view

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3 CVSS · 5.8 AI score · 0.00235 EPSS
Exploits 0 · References 1

NVD
added 2022/08/23 10:15 a.m. · 10 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3 CVSS · 0.00235 EPSS
Exploits 0 · References 1

CVE
added 2022/08/23 9:55 a.m. · 55 views

CVE-2022-1989

CVE-2022-1989 affects CODESYS Visualization versions prior to V4.2.0.0. Root cause: the login dialog exposes information that enables an unauthenticated, remote attacker to enumerate valid users. Impact is information disclosure (user enumeration) with potential for targeted misuse. Affected prod...

5.3 CVSS · 5.2 AI score · 0.00235 EPSS
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2022/08/23 9:55 a.m. · 10 views

CVE-2022-1989 CODESYS Visualization vulnerable to user enumeration

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

5.3 CVSS · 5.5 AI score · 0.00235 EPSS
Exploits 0 · References 1

Positive Technologies
added 2022/08/23 12:00 a.m. · 3 views

PT-2022-14241 · 3S Smart Software Solutions · Codesys Visualization

Name of the Vulnerable Software and Affected Versions: CODESYS Visualization versions prior to V4.2.0.0 Description: The issue allows a remote, unauthenticated attacker to enumerate valid users due to information exposure in the login dialog. Recommendations: For versions prior to V4.2.0.0, updat...

5.3 CVSS · 5.2 AI score · 0.00235 EPSS
Exploits 0 · References 3

CNNVD
added 2022/08/23 12:00 a.m. · 3 views

CODESYS security vulnerability

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS Visualization versions prior to V4.2.0.0, which originates from a login dialog box that is susceptible to information disclosure and can be exploited by an attacker to...

5.3 CVSS · 5.6 AI score · 0.00235 EPSS
Exploits 0 · References 2

Wolfi
added 2022/08/18 7:15 p.m. · 5 views

CVE-2021-32862 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

7.5 CVSS · 7.1 AI score · 0.00784 EPSS
Exploits 1

Chainguard
added 2022/08/18 7:15 p.m. · 5 views

CVE-2021-32862 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

7.5 CVSS · 6.8 AI score · 0.00784 EPSS
Exploits 1

Wolfi
added 2022/08/10 5:51 p.m. · 3 views

GHSA-9JMQ-RX5F-8JWQ vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

7.5 AI score
Exploits 0

OpenVAS
added 2022/07/31 12:00 a.m. · 6 views

Fedora: Security Advisory for golang-github-google-pprof (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the...

7.5 AI score
Exploits 0 · References 2

Fedora
added 2022/07/30 2:00 a.m. · 12 views

[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-10.fc36

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

7.6 AI score
Exploits 0

Huntr
added 2022/07/28 11:29 p.m. · 20 views

Reflected XSS on conversion filter function

Description Fava v1.22 have a conversion filter function on income statement dashboard which allow user to perform XSS due to improper validation on filter conversion. Proof of Concept 1 Navigate to Fava demo instance https://fava.pythonanywhere.com/example-beancount-file/incomestatement/. 2 Filt...

5.8 CVSS · 0.6 AI score · 0.00247 EPSS
Exploits 1

ATTACKERKB
added 2022/07/26 7:54 a.m. · 1 view

CVE-2022-34838

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

8.4 CVSS · 5.9 AI score · 0.0005 EPSS
Exploits 0 · References 2

CNNVD
added 2022/07/22 12:00 a.m. · 3 views

DataEase security vulnerability

DataEase is an open source data visualization and analysis tool. Used to help users quickly analyze data and insight into business trends, so as to achieve business improvement and optimization. DataEase v1.11.1 There is a security vulnerability, the vulnerability stems from the plug-in...

6.5 CVSS · 6.5 AI score · 0.00146 EPSS
Exploits 1 · References 2