Lucene search

8 matches found

OSV
added 2025/01/27 6:15 p.m. · 1 views

DEBIAN-CVE-2025-24368

Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in buildruleitemfilter function from lib/api_automation.php, resulting in SQL injection. This vulnerability ...

CVSS 7.5 · AI score 8.6 · EPSS 0.00112
Exploits: 1 · References: 1
Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-30556 · Khoj · Khoj

Name of the Vulnerable Software and Affected Versions: Khoj versions prior to 1.15.0 Description: The Automation feature in Khoj allows users to insert arbitrary HTML inside task instructions, resulting in a Stored XSS. The q parameter for the "/api/automation" endpoint does not get correctly...

CVSS 5.4 · AI score 6.5 · EPSS 0.00924
Exploits: 1 · References: 10
OSV
added 2024/05/14 3:25 p.m. · 0 views

UBUNTU-CVE-2024-31460

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in createallheadernodes function from lib/api_automation.php, finally resulti...

CVSS 8.8 · AI score 8 · EPSS 0.01692
Exploits: 1 · References: 5
Vulnrichment
added 2024/05/13 3:14 p.m. · 34 views

CVE-2024-31460 Cacti SQL Injection vulnerability in lib/api_automation.php caused by reading dirty data stored in database

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in createallheadernodes function from lib/api_automation.php, finally resulti...

CVSS 6.5 · AI score 8.4 · EPSS 0.01692
Exploits: 1 · References: 3
Debian CVE
added 2024/05/13 3:14 p.m. · 21 views

CVE-2024-31460

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in createallheadernodes function from lib/api_automation.php, finally resulti...

CVSS 8.8 · AI score 9.2 · EPSS 0.01692
Exploits: 1
vulnersOsv
added 2022/08/01 10:15 p.m. · 1 views

alphapept (=0.3.29), api-automation-kit (>=0.2.0 <=0.7.0) +51 more potentially affected by CVE-2022-35918 via streamlit (>=0.63.1 <=1.11.0)

streamlit PYPI version =0.63.1, =0.2.0, =0.0.2, =0.0.4, =0.0.1, =0.1.0, =0.0.2, =0.1.0, =0.1.5, =0.0.1, =0.0.1, =0.0.1, =0.0.7 - gimmick =1.0.0 - hlm-texts =0.1.2 and more Source cves: CVE-2022-35918 Source advisory: OSV:PYSEC-2022-248...

CVSS 6.5 · AI score 6.5 · EPSS 0.01399
Exploits: 0
OSV
added 2020/01/16 4:15 a.m. · 0 views

UBUNTU-CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/api_automation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

CVSS 6.1 · AI score 6.8 · EPSS 0.03534
Exploits: 1 · References: 3
n0where
added 2017/08/15 6:30 a.m. · 43 views

Open Distributed Threat Intelligence: Yeti

Yeti is a platform meant to organize observables, indicators of compromise, TTPs, and knowledge on threats in a single, unified repository. Yeti will also automatically enrich observables e.g. resolve domains, geolocate IPs so that you don’t have to. Yeti provides an interface for humans shiny...

AI score 7.1
Exploits: 0 · References: 2