CVE-2023-38503

Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 10.3.0 and prior to version 10.5.0, the permission filters (i.e. `user_created IS $CURRENT_USER`) a ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-2478

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

CVE-2023-31135

Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initiali ...

CVSS3 - MEDIUM

CVSS2 - LOW

CVE-2023-33796

** DISPUTED ** A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: t ...

CVSS3 - CRITICAL

CVSS2 - MEDIUM

Authorization Bypass

gitlab is vulnerable to Authorization Bypasses. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL mutations. An attacker can exploit this vulnerability to perform Git acti ...

CVSS3 - HIGH

CVSS2 - MEDIUM

Cross-Site Request Forgery (CSRF)

gitlab is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in the GraphQL API, allowing an attacker to call mutations as the victim ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Information Disclosure

gitlab is vulnerable to Information Disclosure. This vulnerability occurs due to a flaw in the way that GitLab handles GraphQL queries. An attacker can exploit this vulnerability to access project det ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Improper Authorization

gitlab is vulnerable to Improper Authorization. The vulnerability exists due to improper access to some particular fields through the GraphQL API which allows an attacker to perform unauthorized actio ...

CVSS3 - MEDIUM

CVSS2 - MEDIUM
