2609 matches found
CVE-2020-11451
The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. This is also exploitable via SSRF. Note: The ability to upload visualization plugins requires administrator privileges...
CVE-2020-11451
The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. This is also exploitable via SSRF. Note: The ability to upload visualization plugins requires administrator privileges...
Design/Logic Flaw
The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. This is also exploitable via SSRF. Note: The ability to upload visualization plugins requires administrator privileges...
CVE-2020-11451
The CVE-2020-11451 entry concerns MicroStrategy Web 10.4 (Upload Visualization plugin in the admin panel). The vulnerability arises from allowing an administrator to upload a ZIP archive with arbitrary extensions and data, via a plugin upload mechanism that requires admin privileges. The descript...
Awspx - A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments
auspex ˈau̯s.pɛks noun : An augur of ancient Rome, especially one who interpreted omens derived from the observation of birds. awspx is a graph-based tool for visualizing effective access and resource relationships within AWS. It resolves policy information to determine what actions affect which...
Envizon v3.0 - Network Visualization And Vulnerability Management/Reporting
This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and vulnerability reporting tool, 'envizon'. We hope your feedback will help to improve...
Manage Origin Offload and Egress Fees for Live and On-Demand
Origin offload has received more attention in the past few years as more customers have moved their origins to the cloud. As such, the cost to access data has become an important issue. To support this move, Akamai has developed Cloud Wrapper to provide customers with a way to securely connect to...
PT-2022-11605 · Libxml2 +3 · Libxml2 +3
Name of the Vulnerable Software and Affected Versions: VTK versions prior to 9.2.5 Description: The issue is a NULL pointer dereference vulnerability that lies in IO/Infovis/vtkXMLTreeReader.cxx. It occurs because the vendor did not check the return value of the libxml2 API xmlDocGetRootElement a...
Exploit for CVE-2014-7911
Security-Data-Analysis-and-Visualization 2018-2020青年安全圈-活跃技术博主/博客 Why - 最初目的:个人日常安全阅读资源不足,需要从博客、Github、Twitter等多个数据源补充。 - 延续目的:以人为核心,系统化收集博客、Github、当前主要研究方向、所属安全组织、学校、公司、RSS、知乎、微博、Email等信息,缩小安全圈的范围。 - 信息检索:通过关键字检索,方便找人,缩小人与人之间的交流障碍。比如通过高校关键字,可以快速找到校友,通过网络ID快速找到博主。 -...
Kibana 6.6.1 - CSV Injection
Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest versions Tested on: Kibana...
Kibana 6.6.1 - CSV Injection Vulnerability
Exploit for windows platform in category web applications Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1...
Kibana 6.6.1 CSV Injection
Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest versions Tested on: Kibana...
Kibana 6.6.1 - CSV Injection
Kibana 6.6.1 - CSV Injection Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest...
Elastic Kibana < 6.8.6, 7.x < 7.5.1 XSS Vulnerability - Linux
Kibana is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:elastic:kibana";...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1518)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
CVE-2019-7621
Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that visualization or a dashboa...
CVE-2019-7621
CVE-2019-7621 affects Kibana: XSS in coordinate/region map visualizations on Kibana <6.8.6 and
Elastic Stack 6.8.6 and 7.5.1 security update
Kibana XSS ESA-2019-17 Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that...