CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3125 matches found

CNNVD•added 2022/02/28 12:0 a.m.•19 views

GitLab Enterprise Edition和GitLab Community Edition 授权问题漏洞

GitLab Enterprise Edition is a content management system, and GitLab Community Edition is a community edition of GitLab from GitLab, Inc. GitLab Enterprise Edition and GitLab Community Edition have an authorization issue vulnerability that arises from an application exporting too much data in the...

5.3CVSS7.4AI score0.80004EPSS

Exploits4References6

FreeBSD•added 2022/02/25 12:0 a.m.•52 views

Gitlab -- multiple vulnerabilities

Gitlab reports: Runner registration token disclosure through Quick Actions Unprivileged users can add other users to groups through an API endpoint Inaccurate display of Snippet contents can be potentially misleading to users Environment variables can be leaked via the sendmail delivery method...

10CVSS3.8AI score0.80004EPSS

Exploits6References1

RedhatCVE•added 2022/02/08 4:59 a.m.•30 views

CVE-2022-21708

graphql-go is a GraphQL server with a focus on ease of use. In versions prior to 1.3.0 there exists a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL...

7.5CVSS2.9AI score0.01243EPSS

Exploits0References3

OSV•added 2022/01/27 3:28 p.m.•19 views

GHSA-MH3M-8C74-74XH Denial of Service in graphql-go

Impact This is a DoS vulnerability that is possible due to a bug in the library that would allow an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL handler can send these queries and cause stack overflows. This in turn could...

6.5CVSS6.7AI score0.01243EPSS

Exploits0References5

Github Security Blog•added 2022/01/27 3:28 p.m.•31 views

Denial of Service in graphql-go

6.5CVSS2.4AI score0.01243EPSS

Exploits0References5Affected Software1

CNVD•added 2022/01/25 12:0 a.m.•28 views

graphql-go denial of service vulnerability

graphql-go is an open source GraphQL server focused on ease of use. graphql-go has a security vulnerability that stems from a DoS vulnerability in versions prior to 1.3.0, likely due to a bug in the library. an attacker could exploit the vulnerability to cause a stack overflow panic using a...

6.5CVSS4.7AI score0.01243EPSS

Exploits0References1

Veracode•added 2022/01/24 5:6 a.m.•16 views

Denial Of Service (DoS)

github.com/graph-gophers/graphql-go is vulnerable to denial of service DoS attacks. An authenticated attacker with access to the GraphQL handler is able to send specifically crafted queries and cause stack based buffer overflows resulting in denial of service conditions...

6.5CVSS4AI score0.01243EPSS

Exploits0References3Affected Software1

NVD•added 2022/01/21 11:15 p.m.•17 views

CVE-2022-21708

6.5CVSS0.01243EPSS

Exploits0References2

OSV•added 2022/01/21 11:15 p.m.•3 views

DEBIAN-CVE-2022-21708

6.5CVSS6.4AI score0.01243EPSS

Exploits0References1

UbuntuCve•added 2022/01/21 11:15 p.m.•22 views

CVE-2022-21708

6.5CVSS6.5AI score0.01243EPSS

Exploits0References4

Prion•added 2022/01/21 11:15 p.m.•22 views

Stack overflow

3.5CVSS6.4AI score0.01243EPSS

Exploits0References2Affected Software1

OSV•added 2022/01/21 11:15 p.m.•2 views

UBUNTU-CVE-2022-21708

6.5CVSS5.8AI score0.01243EPSS

Exploits0References5

Vulnrichment•added 2022/01/21 10:25 p.m.•5 views

CVE-2022-21708 Denial of Service in graphql-go

6.5CVSS6.4AI score0.01243EPSS

Exploits0References2

Cvelist•added 2022/01/21 10:25 p.m.•16 views

CVE-2022-21708 Denial of Service in graphql-go

6.5CVSS6.6AI score0.01243EPSS

Exploits0References2

CVE•added 2022/01/21 10:25 p.m.•136 views

CVE-2022-21708

The CVE-2022-21708 issue affects graphql-go (GraphQL server). In versions prior to 1.3.0, a bug allows an attacker with access to the GraphQL handler to send crafted queries that trigger a stack overflow panic, potentially impairing the server’s ability to serve data. The vulnerability is fixed i...

6.5CVSS6.6AI score0.01243EPSS

Exploits0References2Affected Software1

Debian CVE•added 2022/01/21 10:25 p.m.•67 views

CVE-2022-21708

6.5CVSS6.4AI score0.01243EPSS

Exploits0

OSV•added 2022/01/21 10:25 p.m.•15 views

CVE-2022-21708 Denial of Service in graphql-go

6.5CVSS6.5AI score0.01243EPSS

Exploits0References4

CNNVD•added 2022/01/21 12:0 a.m.•5 views

graphql-go 资源管理错误漏洞

6.5CVSS5.7AI score0.01243EPSS

Exploits0References3

Positive Technologies•added 2022/01/21 12:0 a.m.•5 views

PT-2022-15055 · Unknown +1 · Graphql-Go +1

Name of the Vulnerable Software and Affected Versions: graphql-go versions prior to 1.3.0 Description: The issue is a DoS vulnerability due to a bug in the library that allows an attacker with specifically designed queries to cause stack overflow panics. Any user with access to the GraphQL handle...

6.5CVSS6.3AI score0.01243EPSS

Exploits0References18

ATTACKERKB•added 2022/01/18 5:15 p.m.•5 views

CVE-2022-0172

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under certain conditions it was possible to bypass the IP restriction for public projects through GraphQL allowing unauthorised users to read titles of issues, merge requests and milestones...

6.5CVSS6.4AI score0.00765EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by