[SECURITY] Fedora 44 Update: LabPlot-2.12.1-17.fc44

LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...

CVE-2024-34429

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Orchestrated Corona Virus COVID-19 Banner & Live Data allows Stored XSS.This issue affects Corona Virus COVID-19 Banner & Live Data: from n/a through 1.8.0.2...

EUVD-2020-24434

Malware in sbrugna...

EUVD-2023-1326

Malicious code in bioql PyPI...

EUVD-2023-0840

Malicious code in bioql PyPI...

ICSLure: a Very High Interaction Honeynet for PLC-Based Industrial Control Systems

The security of Industrial Control Systems ICSs is critical to ensuring the safety of industrial processes and personnel. The rapid adoption of Industrial Internet of Things IIoT technologies has expanded system functionality but also increased the attack surface, exposing ICSs to a growing range...

CVE-2023-29508

XWiki Commons are technical libraries common to several other top level XWiki projects. A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11...

CVE-2023-26480

XWiki Platform is a generic wiki platform. Starting in version 12.10, a user without script rights can introduce a stored cross-site scripting by using the Live Data macro. This has been patched in XWiki 14.9, 14.4.7, and 13.10.10. There are no known workarounds...

CVE-2020-6242

SAP Business Objects Business Intelligence Platform Live Data Connect, versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an attacker to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificate, leading to Missing...

WordPress plugin Corona Virus (COVID-19) Banner & Live Data 跨站脚本漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin...

CVE-2024-34429 WordPress Simple Website Banner plugin <= 1.8.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Orchestrated Corona Virus COVID-19 Banner & Live Data allows Stored XSS.This issue affects Corona Virus COVID-19 Banner & Live Data: from n/a through 1.8.0.2...

PT-2024-25882 · Unknown · Corona Virus (Covid-19) Banner & Live Data

Name of the Vulnerable Software and Affected Versions: Corona Virus COVID-19 Banner & Live Data versions 1.8.0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in the...

WordPress Corona Virus (COVID-19) Banner & Live Data Plugin <= 1.8.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Corona Virus COVID-19 Banner & Live Data Type Plugin Vulnerable versions = 1.8.0.3 Fixed in 1.8.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34429 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cdf584b63570 Credits Rayhan...

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

Improper access control

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

CVE-2024-20325

A vulnerability in the Live Data server of Cisco Unified Intelligence Center could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service on an affected device. This vulnerability is due to insufficient access control implementations o...

PT-2024-1860 · Cisco · Cisco Unified Intelligence Center

Name of the Vulnerable Software and Affected Versions: Cisco Unified Intelligence Center affected versions not specified Description: A vulnerability in the Live Data server could allow an unauthenticated, local attacker to read and modify data in a repository that belongs to an internal service ...

Cross site scripting

XWiki Commons are technical libraries common to several other top level XWiki projects. A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11...

CVE-2023-29508 org.xwiki.platform:xwiki-platform-livedata-macro vulnerable to Cross-site Scripting

XWiki Commons are technical libraries common to several other top level XWiki projects. A user without script rights can introduce a stored XSS by using the Live Data macro, if the last author of the content of the page has script rights. This has been patched in XWiki 14.10, 14.4.7, and 13.10.11...