59 matches found
EUVD-2022-35171
Malicious code in bioql PyPI...
EUVD-2022-35168
Malicious code in bioql PyPI...
EUVD-2022-35170
Malicious code in bioql PyPI...
EUVD-2024-48007
Malicious code in bioql PyPI...
EUVD-2024-48008
Malicious code in bioql PyPI...
EUVD-2022-35172
Malicious code in bioql PyPI...
CVE-2022-2951
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to improper validation of array index vulnerability during processing of H3D files. A DWORD value from a PoC file is extracted and used as an index to write to a buffer, leading to memory corruption...
CVE-2022-2949
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2950
Altair HyperView Player versions 2021.1.0.27 and prior are vulnerable to the use of uninitialized memory vulnerability during parsing of H3D files. A DWORD is extracted from an uninitialized buffer and, after sign extension, is used as an index into a stack variable to increment a counter leading...
CVE-2022-2947
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation...
CVE-2024-6450
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...
CVE-2024-6449
HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...
CVE-2024-6450
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...
CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...
CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting XSS. An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser...
CVE-2024-6450
CVE-2024-6450 affects HyperView Geoportal Toolkit
CVE-2024-6449 Arbitrary cross-domain file inclusion in HyperView Geoportal Toolkit
HyperView Geoportal Toolkit in versions lower than 8.5.0 does not restrict cross-domain requests when fetching remote content pointed by one of GET request parameters. An unauthenticated remote attacker can prepare links, which upon opening will load scripts from a remote location controlled by t...
CVE-2024-6449
HyperView Geoportal Toolkit (versions
HyperView Geoportal Toolkit 安全漏洞
HyperView Geoportal Toolkit is a Map application in a web browser from HyperView, Inc. A security vulnerability exists in HyperView Geoportal Toolkit version 8.2.4 and prior versions, which stems from susceptibility to a reflective cross-site scripting attack in which an unauthenticated attacker...
PT-2024-37637 · Unknown · Hyperview Geoportal Toolkit
Name of the Vulnerable Software and Affected Versions: HyperView Geoportal Toolkit versions prior to 8.2.4 Description: The issue concerns a Reflected Cross-Site Scripting XSS vulnerability. An unauthenticated attacker could trick someone into using a crafted URL, which will cause a script to be...