EUVD-2022-41828

Malicious code in bioql PyPI...

PT-2023-8239 · Siemens · Jt2Go +1

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to 14.3.0.6 Teamcenter Visualization V13.3 versions prior to 13.3.0.13 Teamcenter Visualization V14.1 versions prior to 14.1.0.12 Teamcenter Visualization V14.2 versions prior to 14.2.0.9 Teamcenter Visualization V14.3...

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration that could lead to remote code execution. The vulnerability, tracked as CVE-2023-27524 CVSS score: 8.9, impacts versions up to and including 2.0.1 and relat...

CVE-2022-39362

Metabase is affected by CVE-2022-39362 due to unsafely auto-executing unsaved/native SQL queries in certain older releases. Affected versions include 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9 (prior to patch). The underlying issue allowed native queries to be executed aut...

CVE-2022-39362 Metabase vulnerable to arbitrary SQL execution from queryhash

Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, unsaved SQL queries are auto-executed, which could pose a possible attack vector. This issue is patched in versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9...

CVE-2022-39358

Metabase is vulnerable to a parameter-control bypass in embedded dashboards: a remote attacker can craft a malicious request to the backend to circumvent locked parameters when requesting data for a question. The issue affects Metabase versions prior to 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, and...

Siemens Jt2go 缓冲区错误漏洞

JT2Go is a 3D JT viewing tool, Teamcenter visualization software enables organizations to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The software allows business users to access documents, 2D drawings and 3D models in a sing...

Siemens Jt2go 缓冲区错误漏洞

JT2Go, a 3D JT viewing tool, and Teamcenter Visualization software enable companies to enhance their Product Lifecycle Management PLM environments with a comprehensive family of visualization solutions. The software allows business users to access documents, 2D drawings and 3D models in a single...

PT-2021-22878 · Siemens · Simatic Pcs 7 +1

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP1 SIMATIC PCS 7 version V8.2 SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC03 SIMATIC WinCC versions prior to V15 SP1 Update 7 SIMATIC WinCC versions prior to V16 Update 5 SIMATIC WinCC versions prior to...

Siemens Jt2go 和 Siemens Teamcenter Visualization 缓冲区错误漏洞

Siemens Jt2go is a JT file viewer.Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios. A buffer over-read vulnerability exists in Siemens JT2Go versions prior to 13.2 and Teamcenter Visualization versions prior to 13.2. The...

JT2Go and Teamcenter Visualization Stack Buffer Overflow Vulnerability

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML with existing JT, VFZ, CGM, TIF data.Teamcenter visualization software enables companies to enhance their Product Lifecycle Management PLM environments.The software gives business users access to documents in a...

Siemens TIA Administrator Authentication Vulnerability

Simatic WinCC TIA Portal is engineering software for configuring and programming Simatic panels, Simatic Industrial PCs and standard PC Winccruntime professional visualization software running WinCC Runtime Advanced or SCADA systems. An authentication vulnerability exists in Siemens TIA...

Unspecified Remote Command Injection Vulnerability in Network Vision IntraVue

Network Vision IntraVue is a visualization software package from Network Vision, Inc. that provides diagnostic analysis for Ethernet devices. Network Vision IntraVue suffers from an unspecified remote command injection vulnerability. A remote attacker could exploit this vulnerability to execute...

ICONICS Dialog Wrapper Module ActiveX control vulnerable to buffer overflow

Overview ICONICS Dialog Wrapper Module ActiveX control contains a buffer overflow. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system. Description OLE for Process Control OPC is a specification for a standard set of OLE COM objects for use in the proce...