Apache Superset Information Disclosure Vulnerability (CNVD-2024-0681549)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An information disclosure vulnerability exists in Apache Superset versions prior to 2.1.2, which can be exploited by an authenticated attacker to read configured CSS templates and comments...

Apache Superset Information Disclosure Vulnerability (CNVD-2023-9666229)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. An information disclosure vulnerability exists in Apache Superset versions prior to 3.0.0, which stems from the application's inadequate protection of sensitive information and can be exploited b...

Apache Superset Cross-Site Scripting Vulnerability (CNVD-2023-9665948)

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A cross-site scripting vulnerability exists in Apache Superset versions prior to 2.1.2, which stems from the presence of incorrect payload validation and incorrect REST API response type issues. ...

File Upload Vulnerability in Yonghong BI of Beijing Yonghong Business Intelligence Technology Co.

Beijing Yonghong Business Intelligence Technology Co., Ltd. is committed to providing global enterprises with big data technology products and services, relying on independent intellectual property rights of the one-stop big data platform to form a perfect product and service system, with...

The vulnerability of the application software interface for data visualization software Apache Superset allows a hacker to probe connections with the database.

The vulnerability of the application software interface for data visualization in Apache Superset is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to remotely check database connections...

Why Cool Dashboards Don’t Equal Effective Security Analytics

Mark Twain once said, “Data is like garbage. You’d better know what you are going to do with it before you collect it.” This statement rings true in todays cybersecurity landscape. Security professionals are inundated with a flood of data, and often, they dont know how to make sense of it. To add...

Siemens SINEMA Server V14 Cross-Site Scripting Vulnerability

Siemens SINEMA Server is a software from Siemens, Germany, developed specifically for industrial applications. It enables you to fully visualize and monitor your network. A cross-site scripting vulnerability exists in Siemens SINEMA Server V14 due to an affected application incorrectly clearing...

The vulnerability of Parasolid’s 3D geometric modeling tool and Teamcenter Visualization’s product lifecycle management system lies in the ability to read data beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system lies in the reading of data beyond the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code using a specially created XT file...

The vulnerability of Parasolid’s 3D geometric modeling tool, along with the Teamcenter Visualization product lifecycle management system, relates to reading data beyond the buffer in memory. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool, as well as the Teamcenter Visualization product lifecycle management system, relates to reading beyond the buffer in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code using specially created XT files...

The vulnerability of Parasolid’s 3D geometric modeling tool, along with the Teamcenter Visualization product lifecycle management system, relates to reading beyond the buffer in memory. This allows a malicious actor to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool, as well as the Teamcenter Visualization product lifecycle management system, relates to reading beyond the buffer in memory. Exploiting this vulnerability could allow attackers to execute arbitrary code using specially created XT files...

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system lies in the reading of data outside the buffer in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...

Sekiryu - Comprehensive Toolkit For Ghidra Headless

This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide range of scripts that can be executed both inside and alongside Ghidra, enabling users to perform tasks such as...

FUXA Security Breach

FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA that stems from vulnerability to a local attack contained via /api/download...

FUXA Security Breach

FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA that stems from the presence of a local file inclusion vulnerability...

FUXA SQL Injection Vulnerability

FUXA is an open source web-based process visualization SCADA/HMI/Dashboard software. A security vulnerability exists in FUXA that stems from the presence of a SQL injection vulnerability...

The vulnerability of the Apache Superset data visualization software lies in authentication errors, which allow an attacker to gain read access to the database.

The vulnerability of the Apache Superset data visualization software is related to authentication errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain read access to the database...

The vulnerability of the 3D viewing tool JT and JT2Go, as well as the Teamcenter Visualization lifecycle management system, relates to buffer overflow in dynamic memory. This vulnerability allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in buffer overflow in dynamic memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using a specially created WRL file...

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system, related to access to resources through incompatible types, allows attackers to execute arbitrary code.

The vulnerability of the 3D viewing tool JT and the Teamcenter Visualization lifecycle management system lies in the access to resources through incompatible types. Exploiting this vulnerability allows attackers to execute arbitrary code using a specially created WRL file...