21 matches found
EUVD-2019-5625
Malware in sbrugna...
EUVD-2022-32384
Malicious code in bioql PyPI...
CVE-2024-44116
The RFC enabled function module allows a low privileged user to add any workbook to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces. There is low impact on integrity of the application...
CVE-2024-44116
CVE-2024-44116 concerns SAP NetWeaver ABAP/ABAP Platform where an RFC-enabled function module can be abused by a low-privileged user to add any workbook to any user’s workplace favourites. The consequence is exposure of usernames and access information about targeted users’ workplaces, with low i...
SAP NetWeaver Application Server 安全漏洞
SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that stems from an RFC-enabled function module that allows a low-privileged user to add any workbook to any user's workplace favorites...
Microsoft Azure Machine Learning Service Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of credentials within Azure Machine Learning Service workbooks. The issue results from storing...
Microsoft Azure Machine Learning Service JWT Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of JWT tokens within Azure Machine Learning Service workbooks. The issue results from storing...
Microsoft Azure Machine Learning Service Cleartext Storage of Credentials Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on Microsoft Azure. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of credentials within Azure Machine Learning Service workbooks. The issue results from storing...
CVE-2022-27896
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgra...
CVE-2022-27896
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgra...
Design/Logic Flaw
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgra...
CVE-2022-27896
Summary: CVE-2022-27896 affects Palantir Foundry Code-Workbooks. The vulnerability arises from the endpoint backing the Code-Workbooks Python console generating service logs that included the Foundry token, causing information exposure via log files. Affected versions: Code-Workbooks 4.144 throug...
CVE-2022-27896 The Foundry Code-Workbooks service was found to contain an issue leading to information disclosure.
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgra...
CVE-2022-27896 The Foundry Code-Workbooks service was found to contain an issue leading to information disclosure.
Information Exposure Through Log Files vulnerability discovered in Foundry Code-Workbooks where the endpoint backing that console was generating service log records of any Python code being run. These service logs included the Foundry token that represents the Code-Workbooks Python console. Upgra...
Palantir 日志信息泄露漏洞
Palantir is a data platform from Palantir, Inc. that reimagines how people use data by removing the barriers between back-end data management and front-end data analysis. A log information disclosure vulnerability exists in Palantir Foundry Code-Workbooks versions 4.144 through 4.460.0, which...
PT-2020-5259 · Microsoft · Office Web Apps +3
Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Microsoft Office affected versions not specified Microsoft Office Web Apps affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Description: The issu...
CVE-2019-14422
An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...
Open redirect
An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...
CVE-2019-14422
An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:file1?path2:file2 U...
Fedora Update for apache-poi FEDORA-2012-7686
Check for the Version of apache-poi OpenVAS Vulnerability Test Fedora Update for apache-poi FEDORA-2012-7686 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...