PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data

PANO is a powerful OSINT investigation platform that combines graph visualization, timeline analysis, and AI-powered tools to help you uncover hidden connections and patterns in your data. Getting Started 1. Clone the repository: bash git clone https://github.com/ALW1EZ/PANO.git cd PANO 2. Run th...

CVE-2025-30206

Dpanel is a Docker visualization panel system which provides complete Docker management functions. The Dpanel service contains a hardcoded JWT secret in its default configuration, allowing attackers to generate valid JWT tokens and compromise the host machine. This security flaw allows attackers ...

Dpanel 安全漏洞

Dpanel is a lightweight Docker visualization management panel open-sourced by Donknap that provides comprehensive container management features. A security vulnerability exists in Dpanel that stems from the inclusion of hardcoded JWT keys in the default configuration, which could lead to host...

Demtec Graphytics 代码注入漏洞

Demtec Graphytics is an application from Demtec Corporation. A code injection vulnerability exists in Demtec Graphytics version 5.0.7 that stems from improper handling of the description parameter in the /visualization file, which could lead to a cross-site scripting attack...

Demtec Graphytics 代码注入漏洞

Demtec Graphytics is an application from Demtec Corporation. A code injection vulnerability exists in Demtec Graphytics version 5.0.7 that stems from improper handling of HTTP GET parameters in the /visualization file, which could lead to a cross-site scripting attack...

Langflow Remote Code Execution Vulnerability

Langflow is Langflow open source a visualization framework for building multi-agent and RAG applications . A remote code execution vulnerability exists in Langflow that can be exploited by an attacker to send a crafted HTTP request to execute arbitrary code...

[SECURITY] Fedora 40 Update: zabbix-6.0.39-1.fc40

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

[SECURITY] Fedora 42 Update: zabbix-7.2.5-1.fc42

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

[SECURITY] Fedora 41 Update: zabbix-7.0.11-1.fc41

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

Philips IntelliSpace Portal 安全漏洞

Philips IntelliSpace Portal is an advanced medical image analysis platform from Philips Netherlands that provides multimodal image processing and automated diagnostic tools. A security vulnerability exists in Philips IntelliSpace Portal version 12 and earlier and Advanced Visualization Workspace...

Langflow 安全漏洞

Langflow is Langflow open source a visualization framework for building multi-agent and RAG applications . A remote code execution vulnerability exists in Langflow that can be exploited by an attacker to send a crafted HTTP request to execute arbitrary code...

PT-2025-15271 · Philips · Advanced Visualization Workspace +1

Name of the Vulnerable Software and Affected Versions: Intellispace Portal versions 12 and prior Advanced Visualization Workspace version 15 Description: The issue is related to the lack of protection mechanisms in the Intellispace Portal binaries, making it possible for attackers to...

CVE-2025-0417

Lack of protection against brute force attacks in Valmet DNA visualization in DNA Operate. The possibility to make an arbitrary number of login attempts without any rate limit gives an attacker an increased chance of guessing passwords and then performing switching operations...

Siemens Teamcenter Visualization and Siemens Tecnomatix Plant Simulation Resource Management Error Vulnerability

Siemens Teamcenter Visualization is software that provides teamwork capabilities for designing 2D and 3D scenarios. The software simplifies the engineering and manufacturing process by creating virtual prototypes from a variety of mechanical computer-aided design MCAD formats.Siemens Tecnomatix...

Siemens Teamcenter Visualization and Siemens Tecnomatix Plant Simulation Buffer Overflow Vulnerability

Siemens Teamcenter Visualization is software that provides teamwork capabilities for designing 2D and 3D scenarios. The software simplifies the engineering and manufacturing process by creating virtual prototypes from a variety of mechanical computer-aided design MCAD formats.Siemens Tecnomatix...

@ekyc_qoobiss/qbs-cid-cmp (>=1.0.5 <=1.5.9), @ekyc_qoobiss/qbs-ect-cmp (>=1.2.0 <=4.8.0) +56 more potentially affected by CVE-2025-27793 via vega-functions (>=5.10.0 <=5.16.0)

vega-functions NPM version =5.10.0, =1.0.5, =1.2.0, =0.0.2, =0.1.2, =0.5.0, =1.0.0, =1.0.7, =0.1.4, =0.6.2, =1.0.1, =2.8.0-canary.140, =2.27.0 and more Source cves: CVE-2025-27793 Source advisory: OSV:GHSA-963H-3V39-3PQF...

CVE-2025-27793

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...

UBUNTU-CVE-2025-26619

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be...

CVE-2025-27793 Vega vulnerable to Cross-site Scripting via RegExp.prototype[@@replace]

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 5.32.0, corresponding to vega-functions prior to version 5.17.0, users running Vega/Vega-lite JSON definitions could run unexpected JavaScript code...

CVE-2025-26619 Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode `expressionInterpeter`

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be...