
6 matches found

Cvelist
added 2025/08/14 1:16 p.m., 6 views

CVE-2025-55673 Apache Superset: Metadata exposure in embedded charts

When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly discloses database schema information, such as table names, to the low-privileged guest user. Thi...

CVSS: 5.3, EPSS: 0.00329
Exploits: 0, References: 1
Vulnrichment
added 2025/08/14 1:16 p.m., 3 views

CVE-2025-55673 Apache Superset: Metadata exposure in embedded charts

When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly discloses database schema information, such as table names, to the low-privileged guest user. Thi...

CVSS: 5.3, AI score: 7.1, EPSS: 0.00329
Exploits: 0, References: 1
Hacker One
added 2019/10/08 4:27 p.m., 19 views

New Relic: Cross-account stored XSS at embedded charts

Hey team, I've discovered one more stored XSS, this one is at the embedded chart page. Steps to reproduce: 1. Sign into NR, navigate to any Mobile app - Interactions 2. Click ... near any chart, then choose Embed. Select OK at the confirm box. 3. Intercept the chart embedding POST request: http POST...

AI score: 6
Exploits: 0
Hacker One
added 2017/06/30 10:35 a.m., 36 views

WakaTime: UI Redressing on Embedded Charts

Hi Team, Wanna report you that Embedded Charts part is missing X-Frame-Options header hence vulnerable to clickjacking vulnerability. PoC: Just login to your account and open below html page you can see how simply victim can be clickjacked. Click You've been clickjacked! iframe id="parentFrame"...

AI score: 0.4
Exploits: 0
n0where
added 2016/12/12 12:51 p.m., 57 views

Real Time Performance Monitoring: netdata

Real Time Performance Monitoring Netdata is a daemon that collects data in realtime per second and presents a web site to view and analyze them. The presentation is also real-time and full of interactive charts that precisely render all collected values. netdata is the fastest way to visualize...

AI score: 7.4
Exploits: 0, References: 3
Zero Day Initiative
added 2015/05/12 12:0 a.m., 38 views

Microsoft Word ptCount Element Uninitialized Memory Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVSS: 6.8, AI score: 6.4, EPSS: 0.36744
Exploits: 0, References: 1