2713 matches found

OSSF Malicious Packages
added 2025/07/15 1:13 a.m., 4 views

Malicious code in lezer-promql-tree-viz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75c995399e97f574eb4cc3e4484bfabc69554ee170fa58d38740ba5d058568d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0, References: 1

CNVD
added 2025/07/03 12:0 a.m., 2 views

SQL Injection Vulnerability in Multimedia Integrated Service Display System of Beijing Shenzhou Vision Han Technology Co., Ltd (CNVD-2025-18623)

Ltd. is a deep-rooted enterprise in the field of visualization. A SQL injection vulnerability exists in the multimedia integrated business display system of Beijing Divine Vision Han Technology Co. Ltd, which can be exploited by attackers to obtain sensitive information from the database...

7.6 AI score
Exploits: 0

BDU FSTEC
added 2025/07/02 12:0 a.m., 4 views

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to reading data beyond the buffer in memory, allows attackers to gain unauthorized access to protected information.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...

7.8 CVSS, 6.8 AI score, 0.00646 EPSS
Exploits: 0, References: 4, Affected Software: 2

BDU FSTEC
added 2025/07/02 12:0 a.m., 6 views

The vulnerability of the 3D viewing tool JT and JT2Go, as well as the Teamcenter Visualization lifecycle management system, relates to buffer overflow in dynamic memory. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in buffer overflow in dynamic memory. Exploiting this vulnerability could allow attackers to execute arbitrary code...

7.8 CVSS, 7.9 AI score, 0.03281 EPSS
Exploits: 0, References: 4, Affected Software: 2

BDU FSTEC
added 2025/07/02 12:0 a.m., 5 views

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to writing beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code...

7.8 CVSS, 7.8 AI score, 0.03042 EPSS
Exploits: 0, References: 5, Affected Software: 2

BDU FSTEC
added 2025/07/02 12:0 a.m., 3 views

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to writing beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the ability to write data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code...

7.8 CVSS, 7.8 AI score, 0.0308 EPSS
Exploits: 0, References: 4, Affected Software: 2

VulnCheck KEV
added 2025/06/28 12:0 a.m., 19 views

VulnCheck KEV: CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3 CVSS, 5.8 AI score, 0.16 EPSS
In wild, Exploits: 2, References: 53

Packet Storm News
added 2025/06/26 12:0 a.m., 2 views

IDGraphs: Intrusion Detection and Analysis Using Stream Compositing

Traffic anomalies and attacks are commonplace in today's networks and identifying them rapidly and accurately is critical for large network operators. For a statistical intrusion detection system (IDS), it is crucial to detect at the flow-level for accurate detection and mitigation. However, existi...

6.9 AI score
Exploits: 0

Snyk
added 2025/06/25 12:41 p.m., 2 views

Open Redirect

Overview: kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Open Redirect via improper validation of Short URLs within the Discover, Dashboard, and Visualization Library features. An attacke...

5.4 CVSS, 8.9 AI score, 0.00393 EPSS
Exploits: 0, References: 2

BDU FSTEC
added 2025/06/17 12:0 a.m., 5 views

A vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM), a software product for identifying, modeling, and visualizing application architectures in real time, is related to the lack of measures taken to protect the structure of web pages. This allows attackers to execute cross-site scripting attacks.

The vulnerability of the software product for identifying, modeling, and visualizing application architectures in real time – IBM Tivoli Application Dependency Discovery Manager TADDM – is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability...

6.4 CVSS, 5.4 AI score, 0.00218 EPSS
Exploits: 0, References: 2, Affected Software: 1

Wolfi
added 2025/06/11 7:46 p.m., 6 views

GHSA-33P9-3P43-82VQ vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server...

7.5 AI score
Exploits: 0

Fedora
added 2025/06/11 2:46 a.m., 11 views

[SECURITY] Fedora 42 Update: qt6-qtdatavis3d-6.9.1-1.fc42

Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...

8.4 CVSS, 7.3 AI score, 0.00309 EPSS
Exploits: 0

Fedora
added 2025/06/11 2:46 a.m., 5 views

[SECURITY] Fedora 42 Update: qt6-qtgraphs-6.9.1-1.fc42

The Qt Graphs module enables you to visualize data in 3D as bar, scatter, and surface graphs. It's especially useful for visualizing depth maps and large quantities of rapidly changing data, such as data received from multiple sensors. The look and feel of graphs can be customized by using themes...

8.4 CVSS, 7.3 AI score, 0.00309 EPSS
Exploits: 0

Fedora
added 2025/06/11 2:46 a.m., 5 views

[SECURITY] Fedora 42 Update: LabPlot-2.12.0-3.fc42

LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...

8.4 CVSS, 7.3 AI score, 0.00309 EPSS
Exploits: 0

CNNVD
added 2025/06/09 12:0 a.m., 2 views

Redash Security Vulnerability

Redash is a suite of data integration and analysis solutions from Redash Israel. The product supports data integration, data visualization, query editing and data sharing. A security vulnerability exists in Redash 10.1.0 and 25.1.0 and earlier versions, which stems from a sandboxing issue with th...

4.6 CVSS, 4.9 AI score, 0.00244 EPSS
Exploits: 0, References: 6

BDU FSTEC
added 2025/06/09 12:0 a.m., 4 views

The vulnerability of the Teamcenter Visualization product’s lifecycle management system lies in operations being performed beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Teamcenter Visualization product’s lifecycle management system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

7.8 CVSS, 6.3 AI score, 0.00152 EPSS
Exploits: 0, References: 3, Affected Software: 1

RedhatCVE
added 2025/06/05 9:18 p.m., 24 views

CVE-2025-49001

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available...

9.8 CVSS, 6.8 AI score, 0.19386 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/06/03 8:37 p.m., 17 views

CVE-2025-49002 Dataease H2 Database Remote Code Execution (RCE) Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allows the patch to be bypassed through case insensitivity because INIT and RUNSCRIPT are prohibited. The vulnerability has been fixed in...

9.2 CVSS, 0.41835 EPSS
Exploits: 2, References: 2

OSV
added 2025/06/03 8:31 p.m., 4 views

CVE-2025-48999 Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability

DataEase is an open source business intelligence and data visualization tool. A bypass of CVE-2025-46566's patch exists in versions prior to 2.10.10. In a malicious payload, getUrlType retrieves hostName. Since the judgment statement returns false, it will not enter the if statement and will not ...

7.7 CVSS, 6.4 AI score, 0.06278 EPSS
Exploits: 1, References: 4

Packet Storm News
added 2025/06/03 12:0 a.m., 3 views

Combining Threat Intelligence with IoT Scanning to Predict Cyber Attack

While the Web has become a global platform for communication, malicious actors, including hackers and hacktivist groups, often disseminate ideological content and coordinate activities through the "Dark Web", an obscure counterpart of the conventional web. Presently, challenges such as informatio...

7 AI score
Exploits: 0