PT-2023-5158 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prior to...

Siemens JT2GO 安全漏洞

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A type confusion vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code in the...

PT-2023-5160 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

PT-2023-5163 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

Siemens JT2GO 缓冲区错误漏洞

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A heap buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code ...

PT-2023-5161 · Siemens · Tecnomatix Plant Simulation +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V14.3.0.1 Teamcenter Visualization V13.3 versions prior to V13.3.0.12 Teamcenter Visualization V14.0 all versions Teamcenter Visualization V14.1 versions prior to V14.1.0.11 Teamcenter Visualization V14.2 versions prio...

Apache Superset Information Disclosure Vulnerability (CNVD-2023-70276)

Apache Superset is an open source data visualization tool based on Python. A security vulnerability in the Apache Superset stack trace error handling can be exploited by a remote attacker to submit a special request that can obtain sensitive information...

Apache Superset Authorization Issues Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset version 2.1.0 and prior versions have an authorization issue vulnerability that stems from incorrect authorization checks in SQLLab. An attacker can exploit the vulnerability to...

Apache Superset Code Execution Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A code execution vulnerability exists in Apache Superset version 2.1.0 and earlier, which can be exploited by an attacker to remotely execute code on a Web backend...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-78381)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

Apache Superset REST API Authorization Issues Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset version 2.1.0 and prior versions suffer from an authorization issue vulnerability that stems from incorrect REST API permissions. An attacker can exploit this vulnerability to cau...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-78383)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

Apache Superset Security Bypass Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset version 2.1.0 and prior versions, which can be exploited by an attacker to incorrectly create resources using the Import Chart feature...

Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)

LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...

Apache Superset Unauthorized Access Vulnerability

Apache Superset is a Python language based development of open source fashionable data exploration and analysis and visualization of the reporting platform , support for rich data sources , and has a colorful visualization of the charts to choose from . An unauthorized access vulnerability exists...

CVE-2023-39512

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...

Cross site scripting

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...

Cross site scripting

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...

CVE-2023-39516

CVE-2023-39516 affects Cacti. It is a Stored Cross-Site Scripting (XSS) vulnerability in the data_sources.php component that can be exploited by an authenticated user with the General Administration > Sites/Devices/Data permission to poison data stored in the Cacti database. The poisoned data ...

CVE-2023-39516 Stored Cross-Site-Scripting on data_sources.php debug html-block in Cacti

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...