2714 matches found
OSIsoft PI Vision 安全漏洞
Osisoft OSIsoft PI Vision is a suite of visualization tools from OSIsoft Osisoft USA that supports accessing PI System data from mobile devices, and it supports self-configuration of trends, images, data values, etc. in order to present data information. A security vulnerability exists in OSIsoft...
Apache Superset has an unspecified vulnerability
Apache Superset is a data visualization and data exploration platform from the Apache Foundation. Apache Superset 1.3.1 and earlier versions contain a security vulnerability that could allow an attacker to access the password of an authenticated user's database connection...
Open Design Alliance Drawings SDK 缓冲区错误漏洞
An out-of-bounds write vulnerability exists in Siemens Teamcenter Visualization, which provides team collaboration capabilities for designing 2D and 3D scenes, and can be exploited by attackers to execute code in the context of the current process...
PT-2021-22878 · Siemens · Simatic Pcs 7 +1
Name of the Vulnerable Software and Affected Versions: SIMATIC PCS 7 versions prior to V9.1 SP1 SIMATIC PCS 7 version V8.2 SIMATIC PCS 7 version V9.0 through V9.0 SP3 UC03 SIMATIC WinCC versions prior to V15 SP1 Update 7 SIMATIC WinCC versions prior to V16 Update 5 SIMATIC WinCC versions prior to...
Apache Superset Cross-Site Scripting Vulnerability
A cross-site scripting vulnerability exists in Apache Superset, a data visualization and data exploration platform from the Apache Foundation, U.S. The vulnerability stems from insufficient cleanup of user-supplied data on browser pages. An attacker could exploit the vulnerability to trick victim...
Oracle Linux 8 : grafana (ELSA-2021-3771)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-3771 advisory. - resolve CVE-2021-39226 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
Have You Checked the New Kubernetes RBAC Swiss Army Knife?
Kubernetes Role-Based Access Control RBAC is a method of regulating access to computer or network resources based on the roles of individual users within your organization. RBAC authorization uses the rbac.authorization.k8s.io API group to drive authorization decisions, allowing you to dynamicall...
CVE-2021-39226
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...
Design/Logic Flaw
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...
CVE-2021-39226
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...
CVE-2021-39226 Snapshot authentication bypass in grafana
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot "publicmode" configurati...
CVE-2021-39226
Grafana CVE-2021-39226 describes a snapshot authentication bypass that allows viewing and deleting the lowest-key snapshot via literal paths. Affected: Grafana snapshot feature (unauthenticated and authenticated users can access /dashboard/snapshot/:key and /api/snapshots/:key to view the lowest-...
Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2021-2375)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ulfius Web Framework Remote Memory Corruption Exploit
Ulfius Web Framework suffers from a remote memory corruption vulnerability. When parsing malformed HTTP requests, a heap-related initialization bug is triggered resulting in a crash in the server or potentially remote code execution with privileges of the running process. !/usr/bin/python3 guul.p...
Ulfius Web Framework Remote Memory Corruption
!/usr/bin/python3 guul.py Ulfius Web Framework Remote Memory Corruption Vulnerability Jeremy Brown Sept 2021 Intro Ulfius Web Framework is used by a number of different projects to build web services. Some of the projects tested and confirmed vulnerable are Glewlwyd SSO Server, Taliesin Audio...
adalanche - Active Directory ACL Visualizer and Explorer
Tags: API Documentation, Access, Active Directory, Analysis, Binary, LDAP, Linux, Max, Memory, Parameter, Reverse, Takeover, Windows, pwned, Adalanche adalanche - Active Directory ACL Visualizer - who's really Domain Admin? Adalanche - Active Directory Acl Visualizer - Who'S Really Domain Admin?...
Nagios XI file inclusion vulnerability
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting, and rich data visualization.A local file inclusion vulnerability exists in versions of Nagios XI prior to 5.8.5. The vulnerability stems from an improper...
Siemens Jt2go and Siemens Teamcenter Visualization Out-of-Bounds Read Vulnerability (CNVD-2021-61121)
Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. A security vulnerability exists in Siemens Jt2go and Siemens Teamcenter Visualization, which stems from the lack of proper validation of...
Siemens Jt2go and Teamcenter Visualization null pointer dereference vulnerability
Siemens Jt2go is a JT file viewer. Siemens Teamcenter Visualization is a software that provides team collaboration capabilities for designing 2D and 3D scenes. a security vulnerability exists in Siemens Jt2go and Teamcenter Visualization, which stems from the fact that when parsing specially...
CVE-2021-33738
A vulnerability has been identified in JT2Go All versions V13.2.0.2, Teamcenter Visualization All versions V13.2.0.2. The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past th...