The vulnerability of the APDFL library used by the 3D JT JT2Go viewer and the Teamcenter Visualization lifecycle management system allows a perpetrator to execute arbitrary code or trigger a service failure.

The vulnerability of the APDFL viewer tool for 3D JT and JT2Go, as well as the Teamcenter Visualization lifecycle management system, relates to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code or cause service...

Fedora: Security Advisory for golang-github-google-pprof (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-10.fc36

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

Reflected XSS on conversion filter function

Description Fava v1.22 have a conversion filter function on income statement dashboard which allow user to perform XSS due to improper validation on filter conversion. Proof of Concept 1 Navigate to Fava demo instance https://fava.pythonanywhere.com/example-beancount-file/incomestatement/. 2 Filt...

CVE-2022-34838

Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user...

DataEase 安全漏洞

DataEase is an open source data visualization and analysis tool. Used to help users quickly analyze data and insight into business trends , so as to achieve business improvement and optimization . DataEase v1.11.1 There is a security vulnerability , the vulnerability stems from the plug-in...

[SECURITY] Fedora 35 Update: golang-github-sqshq-sampler-1.1.0-9.fc35

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

Fedora: Security Advisory for golang-github-google-pprof (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: golang-github-google-pprof-0-16.20210802gitc50bf4f.fc35

Pprof is a tool for visualization and analysis of profiling data. Pprof reads a collection of profiling samples in profile.proto format and generates reports to visualize and help analyze the data. It can generate both text and graphical reports through the use of the dot visualization package...

Siemens Teamcenter Visualization and JT2Go缓冲区溢出漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Open Design Alliance Drawings SDK 缓冲区错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Open Design Alliance Drawings SDK 访问控制错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Siemens JT2Go and Teamcenter Visualization Out-of-Bounds Read Vulnerability (CNVD-2022-51434)

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Open Design Alliance Drawings SDK 缓冲区错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Siemens JT2Go and Teamcenter Visualization Out-of-Bounds Read Vulnerability (CNVD-2022-51433)

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

Siemens JT2Go and Teamcenter Visualization越界读取漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

[SECURITY] Fedora 36 Update: golang-github-sqshq-sampler-1.1.0-9.fc36

Tool for shell commands execution, visualization and alerting. Configured with a simple YAML file...

Siemens Teamcenter Visualization 缓冲区错误漏洞

JT2Go is a 3D JT viewing tool that allows users to view JT, PDF, Solid Edge, PLM XML, and available JT, VFZ, CGM, and TIF data. teamcenter Visualization enables companies to enhance their product lifecycle management PLM environments with a comprehensive family of visualization solutions. The...

How to do Feature Selection Using Feature Contribution Data

Feature contribution is a method to give a weight to each feature that reflects its impact on the model’s prediction. Feature contribution can be calculated on an entire dataset or a single data point. In our previous blog post, we showed how to visualize feature contributions to make it easy to...

Siemens Datalogics File Parsing Vulnerability

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: Teamcenter Visualization and JT2Go Vulnerability: Heap-based buffer Overflow 2. UPDATE This updated advisory is a follow-up to the original advisory titled ICSA-22-195-07 Siemens Datalogics file Parsing...