2713 matches found
CVE-2026-39377 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter, kubeflow-pipelines-visualization-server...
GHSA-4C99-QJ7H-P3VG vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter, kubeflow-pipelines-visualization-server...
CVE-2026-39378 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter, kubeflow-pipelines-visualization-server...
GHSA-7JQV-FW35-GMX9 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, datahub-ingestion-fips, tensorflow-gpu-jupyter, kubeflow-pipelines-visualization-server...
GHSA-7JQV-FW35-GMX9 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
GHSA-4C99-QJ7H-P3VG vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
CVE-2026-39378 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
CVE-2026-39377 vulnerabilities
Vulnerabilities for packages: tensorflow-cpu-jupyter, kubeflow-pipelines-visualization-server...
[SECURITY] Fedora 44 Update: qt6-qtdatavis3d-6.10.3-1.fc44
Qt Data Visualization module provides multiple graph types to visualize data in 3D space both with C++ and Qt Quick 2...
[SECURITY] Fedora 44 Update: LabPlot-2.12.1-17.fc44
LabPlot is a FREE, open source and cross-platform Data Visualization and Analysis software accessible to everyone. - High-quality Data Visualization and Plotting with just a few clicks - Reliable and easy Data Analysis and Statistics, no coding required! - Intuitive and fast Computing with...
EUVD-2026-23291
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query string...
EUVD-2026-23284
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied sort value to the...
[SECURITY] Fedora 42 Update: polymake-4.15-3.fc42
Polymake is a tool to study the combinatorics and the geometry of convex polytopes and polyhedra. It is also capable of dealing with simplicial complexes, matroids, polyhedral fans, graphs, tropical objects, and so forth. Polymake can use various computational packages if they are installed. Thos...
CVE-2026-6309
Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2026-21904
Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...
Apache Storm UI: Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata
Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...
CVE-2026-35565 Apache Storm UI: Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Storm UI
Stored Cross-Site Scripting XSS via Unsanitized Topology Metadata in Apache Storm UI Versions Affected: before 2.8.6 Description: The Storm UI visualization component interpolates topology metadata including component IDs, stream names, and grouping values directly into HTML via innerHTML in...
CVE-2026-35565
The CVE affects Apache Storm UI before 2.8.6. The Storm UI visualization component interpolates topology metadata (component IDs, stream names, grouping values) directly into HTML via innerHTML in parseNode() and parseEdge() without sanitization, enabling stored XSS when an authenticated user wit...
GHSA-P423-J2CM-9VMQ vulnerabilities
Vulnerabilities for packages: mitmproxy, in-toto, mycli, kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-volumes-web-app, superset, py3-cassandra-medusa, kserve, open-webui, dask-kubernetes, jupyter-base-notebook, ggshield, airflow, semgrep, kubeflow-pipelines-visualization-server, datadog-agent...
CVE-2026-39892 vulnerabilities
Vulnerabilities for packages: mitmproxy, in-toto, mycli, kubeflow-jupyter-web-app, k8s-sidecar, kubeflow-volumes-web-app, superset, py3-cassandra-medusa, kserve, open-webui, dask-kubernetes, jupyter-base-notebook, ggshield, airflow, semgrep, kubeflow-pipelines-visualization-server, datadog-agent...