28 matches found
Syntx Security Vulnerability
Syntx is an artificial intelligence-based data analysis and automated decision-making platform developed by Syntx Corporation. There is a security vulnerability in Syntx; this vulnerability stems from the command automatic approval module’s susceptibility to OS command injection, which may lead t...
EUVD-2019-13669
Malware in sbrugna...
EUVD-2024-52235
Malicious code in bioql PyPI...
CVE-2025-42950 Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform)
SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...
A vulnerability in the Splunk Enterprise operational analysis platform, related to the transmission of data in cleartext, allows an attacker to disclose protected information.
The vulnerability in the Splunk Enterprise operational analysis platform is related to the transmission of data in cleartext. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
A vulnerability in the Hazelcast data analysis platform, related to permission processing errors, allows attackers to perform arbitrary actions.
The vulnerability in the Hazelcast data analysis platform is related to permission processing errors. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating system’s operational analysis platform allows a perpetrator to execute arbitrary code and gain increased privileges.
The vulnerability in the Splunk Web interface of the Splunk Enterprise operating system’s operational analysis platform is related to an incorrect initialization of resources when processing the OPENSSLDIR value. Exploiting this vulnerability allows an attacker to execute arbitrary code and gain...
CVE-2022-23470 Arbitrary file access in the Galaxy data analysis platform
Galaxy is an open-source platform for data analysis. An arbitrary file read exists in Galaxy 22.01 and Galaxy 22.05 due to the switch to Gunicorn, which can be used to read any file accessible to the operating system user under which Galaxy is running. This vulnerability affects Galaxy 22.01 and...
CVE-2022-39351
CVE-2022-39351 affects Dependency-Track prior to v4.6.0, where an API request using a valid API key with insufficient permissions could cause the API key to be written in clear text to the audit log. This enables an attacker with audit log access to obtain valid keys. The issue is fixed in v4.6.0...
CVE-2022-39351 Dependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissions
Dependency-Track is a Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Prior to version 4.6.0, performing an API request using a valid API key with insufficient permissions causes the API key to be written to Dependency-Track's audit...
Security Bulletin: Vulnerability with Diffie-Hellman ciphers may affect IBM i2 Intelligence Analysis Platform (CVE-2015-4000)
Summary The LogJam Attack on Diffie-Hellman ciphers CVE-2015-4000 may affect some configurations of the IBM WebSphere Application Server used with the IBM i2 Intelligence Analysis Platform. The IBM HTTP Server used by IBM i2 Intelligence Analysis Platform is not affected. Vulnerability Details...
Joern - Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs
Joern's Documentation is available here: https://docs.joern.io/home Quick Installation wget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.sh chmod +x ./joern-install.sh sudo ./joern-install.sh joern Compiling synthetic/ammonite/predef/interpBridge.sc Compiling...
Saferwall - A Hackable Malware Sandbox For The 21st Century
Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Act as a system expert to help researchers generate an automated malware analysis report. Serve as a hunting platform to find new malware...
CVE-2020-4343
IBM i2 Intelligent Analysis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or...
CVE-2020-4468
IBM i2 Intelligent Analysis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system wit...
CVE-2020-4287
IBM i2 Intelligent Analysis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the...
CVE-2020-4263
IBM i2 Intelligent Analysis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force...
CVE-2020-4288
CVE-2020-4288 concerns IBM i2 Analyst’s Notebook and IBM i2 Analyst’s Notebook Premium (v9.2.1). The IBM security bulletin documents multiple memory-corruption vulnerabilities in the loading of .anb files that could allow a local attacker to execute arbitrary code or crash the application after a...