Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/11 5:4 a.m.30 views

CVE-2026-41699 Unsafe Deserialization in Spring GraphQL

Spring for GraphQL applications are vulnerable to Unsafe Deserialization when processing paginated GraphQL queries. An attacker can craft a malicious GraphQL request that can lead to Remote Code Execution when the application exposes a paginated Connection field and the classpath contains specifi...

8.1CVSS0.0043EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 5:4 a.m.34 views

CVE-2026-41699

CVE-2026-41699 : Spring for GraphQL is affected by an Unsafe Deserialization flaw when processing paginated GraphQL queries (Connection fields). If the classpath contains specific deserialization-related classes, a crafted GraphQL request can lead to Remote Code Execution. Affected versions: Spri...

9.8CVSS5.7AI score0.0043EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2025/12/10 1:1 p.m.16 views

CVE-2024-2105

CVE-2024-2105 concerns JBL Bluetooth audio devices where an unauthorised nearby attacker can trigger a deadlock during BLE connection requests due to improper validation of the ICM field. Related records reference JBL products but do not disclose exact affected versions, exploit details, or remed...

6.5CVSS6.5AI score0.00177EPSS
Exploits0References2
OSV
OSV
added 2025/06/18 11:15 a.m.5 views

DEBIAN-CVE-2022-50214

In the Linux kernel, the following vulnerability has been resolved: coresight: Clear the connection field properly coresight devices track their connections output connections and hold a reference to the fwnode. When a device goes away, we walk through the devices on the coresight bus and make su...

7.8CVSS5.8AI score0.00189EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.4 views

PT-2022-34170 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.137 Description: The issue is related to the coresight component, where the connection field is not properly cleared. This is an automated ID intended to aid in discovery of potential security...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/17 12:0 a.m.4 views

PT-2022-33933 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue is related to the coresight component, where the connection field is not properly cleared. This is an automated ID intended to aid in discovery of potential security...

7.2AI score
Exploits0References1
Rows per page
Query Builder