[SECURITY] Fedora 43 Update: duc-1.4.6-1.fc43

Duc is a collection of tools for indexing, inspecting and visualizing disk usage. Duc maintains a database of accumulated sizes of directories of the file system, and allows you to query this database with some tools, or create fancy graphs showing you where your bytes are...

CVE-2024-58335

OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow-doctype-decl feature is not enabled in visualization/VisualizerImpl.java...

CVE-2024-58335

OpenXRechnungToolbox: AXXE vulnerability exists in versions through 2024-10-05-3.0.0 up to commit 6c50e89, caused by the disallow-doctype-decl feature not being enabled in visualization/VisualizerImpl.java. The issue enables external entity processing and is supported by multiple sources; exploit...

CVE-2024-58335

OpenXRechnungToolbox through 2024-10-05-3.0.0 before 6c50e89 allows XXE because the disallow-doctype-decl feature is not enabled in visualization/VisualizerImpl.java...

Visualisation for the CIS Benchmark Scanning Results

In this paper, we introduce GraphSecure, a web application that provides advanced analysis and visualisation of security scanning results. GraphSecure enables users to initiate scans for their AWS account, validate them against specific Center for Internet Security CIS Benchmarks and return...

CVE-2025-41738

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service DoS condition...

CVE-2025-41738

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service DoS condition...

CVE-2025-41738 CODESYS Control - Invalid type usage in visualization

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service DoS condition...

CVE-2025-41738 CODESYS Control - Invalid type usage in visualization

An unauthenticated remote attacker may cause the visualisation server of the CODESYS Control runtime system to access a resource with a pointer of wrong type, potentially leading to a denial-of-service DoS condition...

CVE-2025-41738

The CVE-2025-41738 entry describes an unauthenticated remote attacker who can cause the CODESYS Control runtime’s visualization server to access a resource using a pointer of the wrong type, potentially causing a denial-of-service (DoS). Across connected sources (Red Hat, CIRCL, NVD, CVE List, EU...

CODESYS Control 安全漏洞

CODESYS Control is a suite of industrial control program programming software from CODESYS, Germany. A security vulnerability exists in CODESYS Control that originates from an unauthenticated, remote attacker can cause the visualization server of the CODESYS Control runtime system to access...

Towards Spring Tools 5 - Stereotypes and a new Structural View

When working on Spring projects, developers do not only think in terms of low-level concepts like classes and interfaces. When using Spring, you think about higher-level abstractions and concepts like services, repositories, configuration classes, entities, aggregate roots, and so on. To bring...

CVE-2025-59840

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 6.2.0, applications meeting 2 conditions are at risk of arbitrary JavaScript code execution, even if "safe mode" expressionInterpreter is used. They...

EUVD-2017-18927

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

CVE-2017-20211

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

CVE-2017-20211 UCanCode E-XD++ Visualization Enterprise Suite Untrusted Pointer Dereference RCE

UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may...

UCanCode E-XD++ Visualization Enterprise Suite 安全漏洞

UCanCode E-XD++ Visualization Enterprise Suite is a visualization development component from the Chinese company UCanCode. A security vulnerability exists in UCanCode E-XD++ Visualization Enterprise Suite that stems from an untrusted pointer dereference issue in the TKDRAWCAD.TKDrawCADCtrl.1...

Teamcenter Visualization WRL File Parsing Vulnerabilities

Siemens Teamcenter Visualization contains multiple file-parsing vulnerabilities in its WRL-file reader that affect versions V14.2, V14.3, V2312, and V2406. If a user opens a specially crafted malicious WRL file, the application may crash or allow arbitrary code execution in the context of the...

Teamcenter Visualization SSO login service Vulnerability

Teamcenter contains an open-redirect vulnerability in its SSO login service affecting Teamcenter V14.1, V14.2, V14.3, V2312, V2406, and V2412; the SSO accepts user-controlled input that can point to external URLs, allowing an attacker to craft a link that redirects a legitimate user to a maliciou...

[SECURITY] Fedora 42 Update: qt5-qtdatavis3d-5.15.18-1.fc42

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...