2713 matches found
Apache Superset Information Disclosure Vulnerability (CNVD-2023-70276)
Apache Superset is an open source data visualization tool based on Python. A security vulnerability in the Apache Superset stack trace error handling can be exploited by a remote attacker to submit a special request that can obtain sensitive information...
Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-78381)
LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...
Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-78383)
LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...
Apache Superset Code Execution Vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A code execution vulnerability exists in Apache Superset version 2.1.0 and earlier, which can be exploited by an attacker to remotely execute code on a Web backend...
Apache Superset Authorization Issues Vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset version 2.1.0 and prior versions have an authorization issue vulnerability that stems from incorrect authorization checks in SQLLab. An attacker can exploit the vulnerability to...
Apache Superset Unauthorized Access Vulnerability
Apache Superset is a Python language based development of open source fashionable data exploration and analysis and visualization of the reporting platform , support for rich data sources , and has a colorful visualization of the charts to choose from . An unauthorized access vulnerability exists...
Logic flaw vulnerability in LiveGBS of Anhui Green Persimmon Information Technology Co., Ltd (CNVD-2023-72138)
LiveGBS is a national standard GB28181 streaming media service software , can provide to provide user management and Web visualization page management , open source front-end page source code ; to provide device status management , you can real-time view of whether the device is offline and other...
CVE-2023-39512
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...
Cross site scripting
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...
Cross site scripting
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...
CVE-2023-39516
CVE-2023-39516 affects Cacti. It is a Stored Cross-Site Scripting (XSS) vulnerability in the data_sources.php component that can be exploited by an authenticated user with the General Administration > Sites/Devices/Data permission to poison data stored in the Cacti database. The poisoned data ...
CVE-2023-39516 Stored Cross-Site-Scripting on data_sources.php debug html-block in Cacti
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...
CVE-2023-39366
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...
CVE-2023-39366
CVE-2023-39366 affects Cacti (web-based monitoring) with a stored XSS in the data_sources view caused by malicious device-name configuration via host.php; the payload can execute in admin users’ browsers when viewing data sources. Affected versions are mitigated by upgrading to Cacti 1.2.25. If u...
CVE-2023-39366 Stored Cross-site Scripting in data_sources.php through Device-Name in 'select' input in Cacti
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...
CVE-2023-39512
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...
CVE-2023-39512
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability which allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti...
The vulnerability of the 3D viewing tool JT JT2Go, the Product Lifecycle Management system Teamcenter Visualization, and the design tool suite lies in the ability to write code outside the buffer memory, allowing attackers to execute arbitrary code.
The vulnerability of the 3D viewing tool JT/JT2Go, part of the Teamcenter Visualization product lifecycle management system, lies in the ability to write data beyond the buffer limit in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code by introducing a speciall...
The vulnerability of Parasolid’s 3D geometric modeling tool and Teamcenter Visualization’s product lifecycle management system lies in their ability to distribute resources indefinitely, allowing attackers to trigger service failures.
The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system lies in the unlimited distribution of resources. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
GHSA-R726-VMFQ-J9J3 vulnerabilities
Vulnerabilities for packages: kubeflow-pipelines-visualization-server...