CVE-2024-37843

Craft CMS up to v3.7.31 was discovered to contain a SQL injection vulnerability via the GraphQL API...Read More ...

Continue Reading
Denial Of Service (DoS)

Directus is vulnerable to Denial Of Service (DoS). The vulnerability is due to field duplication in GraphQL, where an attacker can overwhelm the server by requesting the same field multiple times in a ...

Continue Reading
CVE-2024-39324 aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to ...

Continue Reading
CVE-2024-39895 Directus GraphQL Field Duplication Denial of Service (DoS)

Directus is a real-time API and App dashboard for managing SQL database content. A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the fle ...

Continue Reading
CVE-2024-5430

An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project ...

Continue Reading
CVE-2024-39323

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.01 and prior to versions 2022.10.10, 2023.10.6, and 2024.04.6, an improper access control vulnerability a ...

Continue Reading
CVE-2024-39324

aimeos/ai-admin-graphql is the Aimeos GraphQL API admin interface. Starting in version 2022.04.1 and prior to versions 2022.10.10, 2023.10.6, and 2024.4.2, improper access control allows a editors to ...

Continue Reading
CVE-2024-39895

Directus is a real-time API and App dashboard for managing SQL database content. A denial of service (DoS) attack by field duplication in GraphQL is a type of attack where an attacker exploits the fle ...

Continue Reading

Back to Main

Subscribe for the latest news: