Geth (aka go-ethereum) through 1.13.4, when `--http --graphql` is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the ...
Continue Reading
December 15, 2023
Introspection is enabled on `demo.pimcore.fun`. The demo site has graphql as a feature for users, but allows users to run instropection queries, which presents a potential schema information disclosur ...
Continue Reading
December 15, 2023
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...
Continue Reading
December 15, 2023
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...
Continue Reading
December 15, 2023
Geth (aka go-ethereum) through 1.13.4, when `--http --graphql` is used, allows remote attackers to cause a denial of service (memory consumption and daemon hang) via a crafted GraphQL query. NOTE: the ...
Continue Reading
December 15, 2023
Server-Side Request Forgery (SSRF) vulnerability in WPGraphQL.This issue affects WPGraphQL: from n/a through...Read More ...
Continue Reading
December 15, 2023
A flaw was found in Quarkus. This issue occurs when receiving a request over websocket with no role-based permission specified on the GraphQL operation, Quarkus processes the request without authentic ...
Continue Reading
December 15, 2023
Summary IBM Edge Application Manager 4.5.3 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details ** CVEID: CVE-2023-45857 DESCRIPTION: **Axios is vulnerable to cross- ...
Continue Reading
December 15, 2023
Back to Main
