### Impact Users with capabilities to upload media (editors and above) are susceptible to SSRF (Server-Side Request Forgery) when executing the `createMediaItem` Mutation. Authenticated users making ...
July 01, 2023
An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for escalation of privileges in GraphQL API requests from GitHub Apps. This vulnerability allowed an app i ...
July 01, 2023
Just like everything else, the world of API protocols is evolving. Typical SOAP and REST APIs have many companions such as GraphQL, gRPC, and Thrift. JSON-RPC is also on the list. Created to develop f ...
July 01, 2023
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 43f84437-73ab-11ec-a587-001b217b3468 advisor ...
July 01, 2023
## Summary: [add summary of the vulnerability] According to publicly available docs, Flow can be accessed in two ways. 1. through the Shopify organization admin (Shopify plus) 2. by installing the Sho ...
July 01, 2023
An issue has been discovered in GitLab CE/EE affecting versions 13.0 to 14.6.5, 14.7 to 14.7.4, and 14.8 to 14.8.2. Private GitLab instances with restricted sign-ups may be vulnerable to user enumerat ...
July 01, 2023
graphql-java before 19.0, 18.3, and 17.4 is vulnerable to Denial of Service. An attacker can send a malicious GraphQL query that consumes CPU resources. The fixed versions are 19.0, 18.3, and 17.4.
July 01, 2023