2715 matches found

CVE
added 2022/09/09 6:9 p.m. · 61 views

CVE-2021-44835

CVE-2021-44835 affects Active Intelligent Visualization 5, where the Vdc header is used directly in SQL queries without sanitization, leading to SQL injection. The vulnerability is documented across multiple sources (NVD/NVDC/CVE lists and third-party advisories) with a reported high/critical imp...

CVSS 9.8 · AI score 9.7 · EPSS 0.00938
Exploits 1 · References 2 · Affected Software 1
CNNVD
added 2022/09/09 12:0 a.m. · 5 views

AIVHUB Active Intelligent Visualization 5 SQL injection vulnerability

AIVHUB Active Intelligent Visualization is a powerful reporting and data visualization server from AIVHUB India. A security vulnerability exists in AIVHUB Active Intelligent Visualization 5, which stems from the use of uncleaned Vdc headers in SQL queries...

CVSS 9.8 · AI score 8.5 · EPSS 0.00938
Exploits 1 · References 3
Positive Technologies
added 2022/09/09 12:0 a.m. · 3 views

PT-2022-12239 · Unknown · Active Intelligent Visualization

Name of the Vulnerable Software and Affected Versions: Active Intelligent Visualization version 5 Description: An issue was discovered where the Vdc header is used in a SQL query without being sanitized, causing SQL injection. Recommendations: For Active Intelligent Visualization version 5,...

CVSS 9.8 · AI score 9.9 · EPSS 0.00938
Exploits 1 · References 5
OSV
added 2022/08/26 12:3 a.m. · 0 views

GHSA-XFHG-9PJG-XG7G VTK NULL pointer dereference vulnerability

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

CVSS 8.7 · AI score 5.9 · EPSS 0.01066
Exploits 1 · References 6
OSV
added 2022/08/25 6:15 p.m. · 3 views

DEBIAN-CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

CVSS 7.5 · AI score 7.3 · EPSS 0.01066
Exploits 1 · References 1
OSV
added 2022/08/25 6:15 p.m. · 1 views

UBUNTU-CVE-2021-42521

There is a NULL pointer dereference vulnerability in VTK before 9.2.5, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer...

CVSS 7.5 · AI score 7.1 · EPSS 0.01066
Exploits 1 · References 4
PyPA
added 2022/08/25 6:15 p.m. · 8 views

PYSEC-2022-255

There is a NULL pointer dereference vulnerability in VTK, and it lies in IO/Infovis/vtkXMLTreeReader.cxx. The vendor didn't check the return value of libxml2 API 'xmlDocGetRootElement', and try to dereference it. It is unsafe as the return value can be NULL and that NULL pointer dereference may...

CVSS 7.5 · AI score 6.8 · EPSS 0.01066
Exploits 1 · References 2 · Affected Software 1
CNNVD
added 2022/08/25 12:0 a.m. · 4 views

VTK code issue vulnerability

VTK is an open source software system for image processing, 3D graphics, body drawing and visualization. VTK suffers from a code issue vulnerability that stems from its IO/Infovis/vtkXMLTreeReader.cxx component not checking the return value of the libxml2 API "xmlDocGetRootElement" and attempting...

CVSS 7.5 · AI score 5.7 · EPSS 0.01066
Exploits 1 · References 4
Prion
added 2022/08/24 4:15 p.m. · 17 views

Format string

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

CVSS 3.2 · AI score 8.2 · EPSS 0.00146
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2022/08/24 3:15 p.m. · 23 views

CVE-2022-34838 ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

CVSS 8.1 · AI score 8.5 · EPSS 0.00146
Exploits 0 · References 1
Positive Technologies
added 2022/08/24 12:0 a.m. · 3 views

PT-2022-22387 · Abb · Abb Zenon

Name of the Vulnerable Software and Affected Versions: ABB Zenon version 8.20 Description: The issue allows an attacker to add or alter data points and corresponding attributes. Once such engineering data is used, the data visualization will be altered for the end user. Recommendations: For ABB...

CVSS 8.4 · AI score 8.3 · EPSS 0.00146
Exploits 0 · References 3
OSV
added 2022/08/23 10:15 a.m. · 2 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

CVSS 5.3 · AI score 5.8 · EPSS 0.00719
Exploits 0 · References 1
NVD
added 2022/08/23 10:15 a.m. · 16 views

CVE-2022-1989

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

CVSS 5.3 · EPSS 0.00719
Exploits 0 · References 1
CVE
added 2022/08/23 9:55 a.m. · 57 views

CVE-2022-1989

CVE-2022-1989 affects CODESYS Visualization versions prior to V4.2.0.0. Root cause: the login dialog exposes information that enables an unauthenticated, remote attacker to enumerate valid users. Impact is information disclosure (user enumeration) with potential for targeted misuse. Affected prod...

CVSS 5.3 · AI score 5.2 · EPSS 0.00719
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2022/08/23 9:55 a.m. · 18 views

CVE-2022-1989 CODESYS Visualization vulnerable to user enumeration

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users...

CVSS 5.3 · AI score 5.5 · EPSS 0.00719
Exploits 0 · References 1
CNNVD
added 2022/08/23 12:0 a.m. · 5 views

CODESYS security vulnerability

CODESYS is a controller development system from 3S-Smart Software Solutions, Germany. A security vulnerability exists in CODESYS Visualization versions prior to V4.2.0.0, which originates from a login dialog box that is susceptible to information disclosure and can be exploited by an attacker to...

CVSS 5.3 · AI score 5.6 · EPSS 0.00719
Exploits 0 · References 2
Positive Technologies
added 2022/08/23 12:0 a.m. · 5 views

PT-2022-14241 · 3S Smart Software Solutions · Codesys Visualization

Name of the Vulnerable Software and Affected Versions: CODESYS Visualization versions prior to V4.2.0.0 Description: The issue allows a remote, unauthenticated attacker to enumerate valid users due to information exposure in the login dialog. Recommendations: For versions prior to V4.2.0.0, updat...

CVSS 5.3 · AI score 5.2 · EPSS 0.00719
Exploits 0 · References 3
Wolfi
added 2022/08/18 7:15 p.m. · 6 views

CVE-2021-32862 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

CVSS 7.5 · AI score 7.1 · EPSS 0.01102
Exploits 1
Chainguard
added 2022/08/18 7:15 p.m. · 6 views

CVE-2021-32862 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

CVSS 7.5 · AI score 6.8 · EPSS 0.01102
Exploits 1
Wolfi
added 2022/08/10 5:51 p.m. · 3 views

GHSA-9JMQ-RX5F-8JWQ vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

AI score 7.5
Exploits 0