2713 matches found
CVE-2025-59842 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
GHSA-VVFJ-2JQX-52JM vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
State-Of-The-Art in Software Security Visualization: a Systematic Review
Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into easily digestible visual formats. As software systems get...
Cyber Threat Hunting: Non-Parametric Mining of Attack Patterns from Cyber Threat Intelligence for Precise Threats Attribution
With the ever-changing landscape of cyber threats, identifying their origin has become paramount, surpassing the simple task of attack classification. Cyber threat attribution gives security analysts the insights they need to devise effective threat mitigation strategies. Such strategies empower...
Enhancing Cyber Threat Hunting -- a Visual Approach with the Forensic Visualization Toolkit
In today's dynamic cyber threat landscape, organizations must take proactive steps to bolster their cybersecurity defenses. Cyber threat hunting is a proactive and iterative process aimed at identifying and mitigating advanced threats that may go undetected by traditional security measures. Rathe...
A Decade-Long Landscape of Advanced Persistent Threats: Longitudinal Analysis and Global Trends
An advanced persistent threat (APT) refers to a covert, long-term cyberattack, typically conducted by state-sponsored actors, targeting critical sectors and often remaining undetected for long periods. In response, collective intelligence from around the globe collaborates to identify and trace...
Datart Security Vulnerability
Datart is running-elephant's open source generation open platform for data visualization. A security vulnerability exists in Datart 1.0.0-rc3 and earlier versions, which stems from the use of hard-coded keys in the datart/security/src/main/java/datart/security/util/AESUtil.java file...
Human-AI Collaborative Bot Detection in MMORPGs
In Massively Multiplayer Online Role-Playing Games (MMORPGs), auto-leveling bots exploit automated programs to level up characters at scale, undermining gameplay balance and fairness. Detecting such bots is challenging, not only because they mimic human behavior, but also because punitive actions...
graph-rag-poc
Graph RAG Pipeline - Proof of Concept A locally-executable Gr...
DataEase Security Vulnerability
DataEase is an open source data visualization and analysis tool from DataEase Open Source. It is used to help users quickly analyze data and gain insight into business trends for business improvement and optimization. DataEase versions before 2.10.12 have a security vulnerability, the vulnerabilit...
Linux Distros Unpatched Vulnerability : CVE-2016-6615
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS issues were discovered in phpMyAdmin. This affects navigation pane and database/table hiding feature a specially-crafted database name can be used to trigg...
CVE-2025-55672
A stored Cross-Site Scripting (XSS) vulnerability exists in Apache Superset's chart visualization. An authenticated user with permissions to edit charts can inject a malicious payload into a column's label. The payload is not properly sanitized and gets executed in the victim's browser when they...
PT-2025-33271 · Apache · Apache Superset
Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 5.0.0 Description: A stored Cross-Site Scripting (XSS) issue exists in the chart visualization feature. An authenticated user with chart editing permissions can inject a malicious payload into a column's label...
[SECURITY] Fedora 41 Update: polymake-4.13-5.fc41
Polymake is a tool to study the combinatorics and the geometry of convex polytopes and polyhedra. It is also capable of dealing with simplicial complexes, matroids, polyhedral fans, graphs, tropical objects, and so forth. Polymake can use various computational packages if they are installed. Thos...
[SECURITY] Fedora 42 Update: polymake-4.14-2.fc42
Polymake is a tool to study the combinatorics and the geometry of convex polytopes and polyhedra. It is also capable of dealing with simplicial complexes, matroids, polyhedral fans, graphs, tropical objects, and so forth. Polymake can use various computational packages if they are installed. Thos...
GHSA-3C93-92R7-J934 Grafana Infinity Datasource Plugin SSRF Vulnerability
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341
CVE-2025-8341 concerns the Grafana Infinity Datasource Plugin. The connected documents describe an SSRF-type issue where, if the plugin’s allowlist is misused, an attacker could bypass URL restrictions and trigger server-side requests to unintended resources. The vulnerability is tied to the plug...
PT-2025-31801 · Grafana · Infinity Datasource Plugin +1
Name of the Vulnerable Software and Affected Versions: Grafana versions prior to 3.4.1 Description: Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML...
Detecting and Visualizing Lateral Movement Attacks with Trellix XDR
Detecting and Visualizing Lateral Movement Attacks with Trellix Helix Connect By Maulik Maheta and Adithya Chandra · July 17, 2025 Executive summary This blog marks the third installment in our series on detecting and visualizing lateral movement attacks with Trellix Helix Connect. A lateral...