Lucene search
K

174 matches found

OSV
OSV
added 2018/10/17 1:31 a.m.4 views

CVE-2018-3204

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware subcomponent: Analytics Server. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

8.2CVSS7.3AI score
Exploits0References2
Hacker One
Hacker One
added 2018/09/22 11:34 a.m.14 views

8x8: XSS (Cross site scripting) on https://apimgr.8x8.com

The domain apimgr.8x8.com hosted an outdated version of WSO2 Data Analytics Server...

1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2018/04/05 12:0 a.m.3 views

PT-2018-3928 · Apache +1 · Apache Hive Jdbc Driver +1

Name of the Vulnerable Software and Affected Versions: Apache Hive JDBC driver versions 0.7.1 through 2.3.2 Oracle Business Intelligence Enterprise Edition Analytics Server affected versions not specified Description: The issue allows an attacker to bypass argument escaping in the JDBC driver's...

9.4CVSS9AI score0.05516EPSS
Exploits0References14
Prion
Prion
added 2017/10/04 1:29 a.m.15 views

Cross site scripting

The Management Console in WSO2 Application Server 5.3.0, WSO2 Business Process Server 3.6.0, WSO2 Business Rules Server 2.2.0, WSO2 Complex Event Processor 4.2.0, WSO2 Dashboard Server 2.0.0, WSO2 Data Analytics Server 3.1.0, WSO2 Data Services Server 3.5.1, and WSO2 Machine Learner 1.2.0 is...

4.3CVSS6.2AI score0.00635EPSS
Exploits0References1Affected Software8
CVE
CVE
added 2017/10/03 7:0 a.m.53 views

CVE-2017-14995

CVE-2017-14995: A stored XSS vulnerability in the Management Console affects multiple WSO2 products (WSO2 Application Server 5.3.0; WSO2 Business Process Server 3.6.0; WSO2 Business Rules Server 2.2.0; WSO2 Complex Event Processor 4.2.0; WSO2 Dashboard Server 2.0.0; WSO2 Data Analytics Server 3.1...

6.1CVSS5.2AI score0.00635EPSS
Exploits0References1Affected Software8
CNVD
CNVD
added 2017/09/22 12:0 a.m.4 views

WSO2 Data Analytics Server Cross-Site Scripting Vulnerability

WSO2 Data Analytics Server is a data analytics server from WSO2, Inc. that provides real-time analysis of data streams, complex event processing, and machine learning. A cross-site scripting vulnerability exists in the carbon/resources/addcollectionajaxprocessor.jsp file in WSO2 Data Analytics...

4.8CVSS6.3AI score0.03836EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/09/22 12:0 a.m.16 views

WSO2 Data Analytics Server Multiple XSS Vulnerabilities

WSO2 Data Analytics Server is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

6.1CVSS5.2AI score0.03836EPSS
Exploits1References3
Prion
Prion
added 2017/09/21 6:29 p.m.8 views

Design/Logic Flaw

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...

3.5CVSS4.8AI score0.03836EPSS
Exploits1References3Affected Software17
OSV
OSV
added 2017/09/21 6:29 p.m.16 views

CVE-2017-14651

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...

4.8CVSS6.2AI score0.03836EPSS
Exploits1References3
NVD
NVD
added 2017/09/21 6:29 p.m.23 views

CVE-2017-14651

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...

4.8CVSS4.9AI score0.03836EPSS
Exploits1References3
CVE
CVE
added 2017/09/21 6:0 p.m.92 views

CVE-2017-14651

Summary: CVE-2017-14651 affects WSO2 Data Analytics Server 3.1.0. The vulnerability is a cross-site scripting (XSS) flaw in carbon/resources/add_collection_ajaxprocessor.jsp, exploitable via the collectionName or parentPath parameters. Exploitation could cause injected scripts to run in a victim’...

4.8CVSS4.7AI score0.03836EPSS
Exploits1References3Affected Software17
Cvelist
Cvelist
added 2017/09/21 6:0 p.m.24 views

CVE-2017-14651

WSO2 Data Analytics Server 3.1.0 has XSS in carbon/resources/addcollectionajaxprocessor.jsp via the collectionName or parentPath parameter...

4.8AI score0.03836EPSS
Exploits1References3
CNVD
CNVD
added 2017/05/24 12:0 a.m.3 views

Multiple SAP Products 'DBISQL' Information Disclosure Vulnerability

SAP SQL Anywhere is a product of SAP, Germany.SQL Anywhere is an out-of-the-box database solution with enterprise-class features.SAP IQ is an analytics server designed for analytics, data warehousing, and business intelligence environments.SAP ASE is a database management platform. An information...

6.7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/10/10 12:0 a.m.15 views

WSO2 Carbon Products Detection (HTTP)

HTTP based detection of WSO2 Carbon products. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

7AI score
Exploits0References1
NVD
NVD
added 2015/08/04 2:59 p.m.16 views

CVE-2011-5322

GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...

10CVSS9.8AI score0.01679EPSS
Exploits0References4
Prion
Prion
added 2015/08/04 2:59 p.m.10 views

Default credentials

GE Healthcare Centricity Analytics Server 1.1 has a default password of 1 V0yag3r for the SQL Server sa user, 2 G3car3s for the analyst user, 3 G3car3s for the ccg user, 4 V0yag3r for the viewer user, and 5 geservice for the geservice user in the Webmin interface, which has unspecified impact and...

10CVSS8AI score0.01679EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2015/08/04 10:0 a.m.47 views

CVE-2011-5322

GE Healthcare Centricity PACS-IW (Centricity PACS-IW) is vulnerable via default/hard-coded credentials documented for CVE-2011-5322 in Centricity Analytics Server 1.1, notably in the Webmin interface where several accounts use known passwords (e.g., V0yag3r, G3car3s, geservice). Exploitation coul...

10CVSS7.6AI score0.01679EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/10/13 12:0 a.m.31 views

TIBCO Spotfire Analytics Server Authentication Module Unspecified Information Disclosure

The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by an information disclosure vulnerability due to an unspecified flaw in the Authentication Module. A remote attacker can exploit this vulnerability to access sensitive information by sending a specially...

5CVSS5.6AI score0.01667EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2014/10/13 12:0 a.m.41 views

TIBCO Spotfire Analytics Server Web Application Multiple Vulnerabilities

The remote host is running a version of TIBCO Spotfire Analytics Server that is affected by multiple vulnerabilities : - A cross-site scripting vulnerability exists that allows a remote attacker to view or modify sensitive information. CVE-2011-3132 - A session fixation vulnerability exists that...

7.5CVSS5.4AI score0.02201EPSS
Exploits0References5
NVD
NVD
added 2011/09/02 4:55 p.m.13 views

CVE-2011-3133

Session fixation vulnerability in TIBCO Spotfire Server 3.0.x before 3.0.2, 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.1, and Spotfire Analytics Server before 10.1.1, allows remote attackers to hijack web sessions via unspecified vectors...

4.3CVSS6.7AI score0.01702EPSS
Exploits0References4
Rows per page
Query Builder