177 matches found
CVE-2018-15665
An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...
Design/Logic Flaw
An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...
CVE-2018-15665
CDSW (Cloudera Data Science Workbench) is affected for versions 1.2.x through 1.4.0. The issue allows unauthenticated users to obtain a list of user accounts, constituting an information-disclosure vulnerability. The available connected sources confirm the affected product and vulnerable behavior...
CVE-2018-15665
An issue was discovered in Cloudera Data Science Workbench CDSW 1.2.x through 1.4.0. Unauthenticated users can get a list of user accounts...
Cloudera Data Science Workbench SQL Injection Vulnerability
Cloudera Data Science Workbench CDSW is a suite of data science platforms from Cloudera. The platform provides organizations with fast, easy and secure self-service data science support. A SQL injection vulnerability exists in Cloudera CDSW versions 1.4.0 through 1.4.2. The vulnerability stems fr...
CVE-2018-20091
An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...
Sql injection
An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...
CVE-2018-20091
An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...
CVE-2018-20091
An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...
Why Election Trust is Dwindling in a Post-Cambridge Analytica World
LONDON, UK – The 2018 Facebook-Cambridge Analytica incident opened the world’s eyes to how much private user data was being collected, shared and sold. But experts worry that future ramifications of this scandal go way beyond Facebook and have created distrust in the election process as a whole...
Learning to Rank Strings Output for Speedier Malware Analysis
Reverse engineers, forensic investigators, and incident responders have an arsenal of tools at their disposal to dissect malicious software binaries. When performing malware analysis, they successively apply these tools in order to gradually gather clues about a binary’s function, design detectio...
TIBCO Data Science Unauthorized Modification Vulnerability
TIBCO Spotfire Data Science is a data analytics platform. A security vulnerability exists in TIBCO Spotfire Data Science, which can be exploited by a remote attacker to submit a special request that can delete or modify data with elevated privileges...
TIBCO Data Science Cross-Site Request Forgery Vulnerability
TIBCO Spotfire Data Science is a data analytics platform. A security vulnerability exists in TIBCO Spotfire Data Science that can be exploited by an attacker to submit a special request that can spoof information about other users...
CVE-2019-8989
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...
CVE-2019-8987
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...
CVE-2019-8987
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site scripting vulnerability that theoretically allows an authenticated user to gain access to all the capabilities of the web interface available to...
CVE-2019-8989
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...
CVE-2019-8988
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...
CVE-2019-8988
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a persistent cross-site contains a vulnerability that theoretically allows a user to escalate their privileges on the affected system, in a way that may allow for data...
Design/Logic Flaw
The application server component of TIBCO Software Inc.'s TIBCO Data Science for AWS, and TIBCO Spotfire Data Science contains a vulnerability that theoretically enables a user to spoof their account to look like a different user in the affected system. Affected releases are TIBCO Software Inc.'s...