
2713 matches found

OSV
added 2024/04/09 9:15 a.m. · 3 views

CVE-2024-26276

A vulnerability has been identified in JT2Go All versions < V2312.0004, Parasolid V35.1 All versions < V35.1.254, Parasolid V36.0 All versions < V36.0.207, Parasolid V36.1 All versions < V36.1.147, Teamcenter Visualization V14.2 All versions < V14.2.0.12, Teamcenter Visualization V14.3 All versions...

5.5 CVSS · 5.7 AI score · 0.00225 EPSS
Exploits 0 · References 2

OSV
added 2024/04/09 9:15 a.m. · 3 views

CVE-2024-26275

A vulnerability has been identified in JT2Go All versions < V2312.0004, Parasolid V35.1 All versions < V35.1.254, Parasolid V36.0 All versions < V36.0.207, Parasolid V36.1 All versions < V36.1.147, Teamcenter Visualization V14.2 All versions < V14.2.0.12, Teamcenter Visualization V14.3 All versions...

7.3 CVSS · 5.9 AI score · 0.00195 EPSS
Exploits 0 · References 2

Vulnrichment
added 2024/04/09 8:34 a.m. · 11 views

CVE-2024-26277

A vulnerability has been identified in JT2Go All versions < V2312.0004, Parasolid V35.1 All versions < V35.1.254, Parasolid V36.0 All versions < V36.0.207, Parasolid V36.1 All versions < V36.1.147, Teamcenter Visualization V14.2 All versions < V14.2.0.12, Teamcenter Visualization V14.3 All versions...

4.8 CVSS · 3.9 AI score · 0.00211 EPSS
Exploits 0 · References 2

Vulnrichment
added 2024/04/09 8:34 a.m. · 15 views

CVE-2024-26276

A vulnerability has been identified in JT2Go All versions < V2312.0004, Parasolid V35.1 All versions < V35.1.254, Parasolid V36.0 All versions < V36.0.207, Parasolid V36.1 All versions < V36.1.147, Teamcenter Visualization V14.2 All versions < V14.2.0.12, Teamcenter Visualization V14.3 All versions...

4.8 CVSS · 3.9 AI score · 0.00225 EPSS
Exploits 0 · References 2

Vulnrichment
added 2024/04/09 8:34 a.m. · 12 views

CVE-2024-26275

A vulnerability has been identified in JT2Go All versions < V2312.0004, Parasolid V35.1 All versions < V35.1.254, Parasolid V36.0 All versions < V36.0.207, Parasolid V36.1 All versions < V36.1.147, Teamcenter Visualization V14.2 All versions < V14.2.0.12, Teamcenter Visualization V14.3 All versions...

7.8 CVSS · 7.6 AI score · 0.00195 EPSS
Exploits 0 · References 2

Positive Technologies
added 2024/04/09 12:0 a.m. · 5 views

PT-2024-2988 · Siemens · Teamcenter Visualization +2

Name of the Vulnerable Software and Affected Versions: JT2Go versions prior to V2312.0004; Parasolid V35.1 versions prior to V35.1.254; Parasolid V36.0 versions prior to V36.0.207; Parasolid V36.1 versions prior to V36.1.147; Teamcenter Visualization V14.2 versions prior to V14.2.0.12; Teamcenter...

7.8 CVSS · 8.2 AI score · 0.00195 EPSS
Exploits 0 · References 8

Positive Technologies
added 2024/04/09 12:0 a.m. · 5 views

PT-2024-2997 · Siemens · Teamcenter Visualization +2

Name of the Vulnerable Software and Affected Versions: Parasolid versions prior to V35.1.254; Parasolid versions prior to V36.0.207; Parasolid versions prior to V36.1.147; JT2Go versions prior to V2312.0004; Teamcenter Visualization versions prior to V14.2.0.12; Teamcenter Visualization versions prior...

4.8 CVSS · 7.1 AI score · 0.00211 EPSS
Exploits 0 · References 5

Positive Technologies
added 2024/04/09 12:0 a.m. · 3 views

PT-2024-2979 · Siemens · Teamcenter Visualization +2

Name of the Vulnerable Software and Affected Versions: Parasolid V35.1 versions prior to V35.1.254; Parasolid V36.0 versions prior to V36.0.207; Parasolid V36.1 versions prior to V36.1.147; JT2Go versions prior to V2312.0004; Teamcenter Visualization V14.2 versions prior to V14.2.0.12; Teamcenter...

4.8 CVSS · 7.1 AI score · 0.00225 EPSS
Exploits 0 · References 5

NVD
added 2024/04/08 3:15 p.m. · 17 views

CVE-2024-30269

DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the /de2api/engine/getEngine;.js path via a browser reveals that the platform's database configuration is returned. The vulnerability has...

5.3 CVSS · 5.1 AI score · 0.16 EPSS
Exploits 2 · References 2

CVE
added 2024/04/08 2:19 p.m. · 87 views

CVE-2024-30269

Summary: DataEase before version 2.5.0 is vulnerable to a database configuration information exposure via the endpoint /de2api/engine/getEngine;.js. This path returns the platform’s database configuration, enabling disclosure of sensitive information. Affected versions: prior to 2.5.0 (e.g., up t...

5.3 CVSS · 5.1 AI score · 0.16 EPSS
In wild · Exploits 2 · References 2 · Affected Software 1

Talos
added 2024/04/03 12:0 a.m. · 39 views

Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability

Talos Vulnerability Report TALOS-2024-1950: Open Automation Software OAS Platform OAS Engine Tags Configuration file write vulnerability. April 3, 2024. CVE Number: CVE-2024-21870. SUMMARY: A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software...

4.9 CVSS · 5.5 AI score · 0.00662 EPSS
Exploits 1

CVE
added 2024/03/29 3:0 p.m. · 88 views

CVE-2024-29890

CVE-2024-29890 affects DataLens/DataLens UI components, with a vulnerability in datalens-ui prior to version 0.1449.0. A specially crafted request can create a chart type that passes custom JavaScript, which then executes in an unprotected sandbox on subsequent chart requests. The issue has a kno...

8.8 CVSS · 8.8 AI score · 0.00783 EPSS
Exploits 0 · References 1

Cvelist
added 2024/03/29 3:0 p.m. · 18 views

CVE-2024-29890 Remote code execution in datalens-ui

DataLens is a business intelligence and data visualization system. A specifically crafted request allowed the creation of a special chart type with the ability to pass custom javascript code that would later be executed in an unprotected sandbox on subsequent requests to that chart. The problem w...

8.8 CVSS · 8.9 AI score · 0.00783 EPSS
Exploits 0 · References 1

Vulnrichment
added 2024/03/29 3:0 p.m. · 7 views

CVE-2024-29890 Remote code execution in datalens-ui

DataLens is a business intelligence and data visualization system. A specifically crafted request allowed the creation of a special chart type with the ability to pass custom javascript code that would later be executed in an unprotected sandbox on subsequent requests to that chart. The problem w...

8.8 CVSS · 7.1 AI score · 0.00783 EPSS
Exploits 0 · References 1

CNVD
added 2024/03/21 12:0 a.m. · 21 views

Apache Superset Resource Management Error Vulnerability (CNVD-2024-14775)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A resource management error vulnerability exists in Apache Superset versions 2.1.2 and earlier, 3.0.0, and 3.0.1, which stems from uncontrolled resource consumption by the application, and can be...

6.5 CVSS · 6.8 AI score · 0.01699 EPSS
Exploits 0 · References 1

CNVD
added 2024/03/20 12:0 a.m. · 2 views

SQL Injection Vulnerability in Damon Qizhi Big Data Visualization System of Wuhan Damon Database Co.

Founded in 2000, Wuhan Damon Database Co., Ltd. is a leading database product development service provider in China. A SQL injection vulnerability exists in Wuhan Damon Database Co., Ltd's Damon Qizhi Big Data Visualization System, which can be exploited by attackers to obtain sensitive database...

7.8 AI score
Exploits 0

CNVD
added 2024/03/14 12:0 a.m. · 28 views

Apache Dolphinscheduler Arbitrary File Read Vulnerability

Apache DolphinScheduler is a distributed DAG visualization-based workflow task scheduling system from the Apache Foundation in the United States. Apache Dolphinscheduler suffers from an arbitrary file read vulnerability that can be exploited by an attacker to obtain sensitive information...

7.5 CVSS · 6.5 AI score · 0.01239 EPSS
Exploits 0 · References 1

Fedora
added 2024/03/07 10:33 p.m. · 19 views

[SECURITY] Fedora 40 Update: opentest4j-1.3.0-6.fc40

Open Test Alliance for the JVM is a minimal common foundation for testing libraries on the JVM. The primary goal of the project is to enable testing frameworks like JUnit, TestNG, Spock, etc. and third-party assertion libraries like Hamcrest, AssertJ, etc. to use a common set of exceptions that...

8.8 CVSS · 6.9 AI score · 0.02557 EPSS
Exploits 3

OSV
added 2024/03/06 11:3 a.m. · 22 views

BIT-REDASH-2021-41192

Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the REDASH_COOKIE_SECRET or REDASH_SECRET_KEY environment variables, a default value is used for both that is the same across all installations. In such cases, th...

7.1 AI score
Exploits 0 · References 3

OSV
added 2024/03/06 11:3 a.m. · 17 views

BIT-REDASH-2021-43777

Redash is a package for data visualization and sharing. In Redash version 10.0 and prior, the implementation of Google Login via OAuth incorrectly uses the state parameter to pass the next URL to redirect the user to after login. The state parameter should be used for a Cross-Site Request Forgery...

6.4 AI score
Exploits 0 · References 2