CVE-2026-41699

CVE-2026-41699 : Spring for GraphQL is affected by an Unsafe Deserialization flaw when processing paginated GraphQL queries (Connection fields). If the classpath contains specific deserialization-related classes, a crafted GraphQL request can lead to Remote Code Execution. Affected versions: Spri...

EUVD-2025-41699

Malicious code in andi-enting86-ruro npm...

CVE-2025-41699

An low privileged remote attacker with an account for the Web-based management can change the system configuration to perform a command injection as root, resulting in a total loss of confidentiality, availability and integrity due to improper control of generation of code 'Code Injection'...

Phoenix Contact CHARX SEC-3xxx vulnerable to code injection

Overview CHARX SEC-3xxx provided by Phoenix Contact contains the following vulnerability. Code injection CWE-94 - CVE-2025-41699 Ryo Kato of Panasonic Holdings Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

CVE-2025-41699

creationtimestamp| type| source ---|---|--- 2025-10-14 13:43:53+00:00| seen| https://infosec.exchange/users/certvde/statuses/115372814013214488 2025-10-14 13:45:05+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3m35uerwse5t2...

CVE-2025-41699

Phoenix Contact CHARX SEC-3xxx charging controllers are affected by CVE-2025-41699. The vulnerability is a code injection (CWE-94) that an attacker with a low-privileged remote account for the Web-based management can exploit to change system configuration and perform a root command injection, co...

CVE-2022-41699

Incorrect permission assignment for critical resource in some IntelR QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2024-41699

creationtimestamp| type| source ---|---|--- 2024-08-20 14:37:01+00:00| seen| https://t.me/cvedetector/3612...

CVE-2024-41699

Priority – CWE-552: Files or Directories Accessible to External Parties...

CVE-2024-41699

Technical details about CVE-2024-41699 are not publicly available in the provided documents. No affected products, versions, or fixes are specified. Monitor for updates from authoritative sources.

CVE-2024-41699 Priority – CWE-552: Files or Directories Accessible to External Parties

Priority – CWE-552: Files or Directories Accessible to External Parties...

CVE-2024-41699 Priority – CWE-552: Files or Directories Accessible to External Parties

Priority – CWE-552: Files or Directories Accessible to External Parties...

CVE-2023-41699

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server, Micro and Embedded Servlet Implementation modules allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.4...

CVE-2023-41699 Payara Platform: URL Redirection to untrusted site using FORM authentication

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Payara Platform Payara Server, Micro and Embedded Servlet Implementation modules allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.4...

CVE-2023-41699

CVE-2023-41699 affects Payara Platform (Payara Server, Micro and Embedded) across multiple releases. The issue is a URL redirect/open redirect vulnerability in the servlet implementation modules that permits Redirect Access to Libraries. Affected versions are 5.0.0–5.57.0 (inclusive 5.57.0), 4.1....

CVE-2022-41699

creationtimestamp| type| source ---|---|--- 2023-05-10 18:19:44+00:00| seen| https://t.me/cibsecurity/63758 2025-01-24 18:05:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2974...

CVE-2022-41699

Incorrect permission assignment for critical resource in some IntelR QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-41699

Incorrect permission assignment for critical resource in some IntelR QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-41699

Incorrect permission assignment for critical resource in some IntelR QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2022-41699

Intel QuickAssist Technology (QAT) drivers for Windows prior to version 1.9.0 have an incorrect permission assignment that may allow an authenticated user to escalate privileges via local access. Affected products: Intel QAT drivers for Windows before 1.9.0. Impact, as described by Intel: local p...