Lucene search
K

18 matches found

NVD
NVD
added 2026/06/11 7:16 a.m.14 views

CVE-2026-41856

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS0.00352EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/11 5:5 a.m.32 views

CVE-2026-41856 Spring GraphQL Annotation Detection Vulnerability

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS0.00352EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 5:5 a.m.11 views

CVE-2026-41856 Spring GraphQL Annotation Detection Vulnerability

The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security annotations can be ignored...

7.5CVSS5.4AI score0.00352EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.10 views

VMware Spring for GraphQL 访问控制错误漏洞

VMware Spring for GraphQL is a GraphQL application development framework provided by the American company VMware. Versions of VMware Spring for GraphQL such as 2.0.0 and earlier, 1.4.0 and earlier, 1.3.0 and earlier, as well as 1.0.0 and earlier, have a access control vulnerability. This...

7.5CVSS5.4AI score0.00352EPSS
Exploits0References1
Spring Security Advisories
Spring Security Advisories
added 2026/06/10 12:0 a.m.9 views

cve-2026-41856 - HIGH - Spring GraphQL Annotation Detection Vulnerability

cve-2026-41856 - HIGH - Spring GraphQL Annotation Detection Vulnerability...

7.5CVSS6.1AI score0.00352EPSS
Exploits0
Snyk
Snyk
added 2026/06/10 12:0 a.m.9 views

Incorrect Authorization

Overview org.springframework.graphql:spring-graphql is a GraphQL Support for Spring Applications Affected versions of this package are vulnerable to Incorrect Authorization via annotation resolution for @Controller data fetchers in Spring GraphQL. An attacker can bypass authorization checks when...

8.3CVSS5.3AI score0.00352EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/10 2:6 a.m.8 views

kernel: nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

7.5CVSS5.7AI score0.0071EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.16 views

SUSE CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

5.5CVSS5.3AI score0.0071EPSS
Exploits0References23
Microsoft CVE
Microsoft CVE
added 2025/12/24 9:2 a.m.6 views

firmware: stratix10-svc: fix bug in saving controller data

...

6.1CVSS6.7AI score0.00176EPSS
Exploits0
OSV
OSV
added 2025/12/22 5:16 p.m.5 views

UBUNTU-CVE-2025-68328

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-svc: fix bug in saving controller data Fix the incorrect usage of platformsetdrvdata and devsetdrvdata. They both are of the same data and overrides each other. This resulted in the rmmod of the svc driver to...

5.7AI score0.00176EPSS
Exploits0References35
CVE
CVE
added 2025/12/22 4:12 p.m.27 views

CVE-2025-68328

CVE-2025-68328 relates to the Linux kernel Stratix10 SVC firmware: a bug in saving controller data caused by incorrect use of platform_set_drvdata and dev_set_drvdata, which can result in rmmod failing and a kernel panic during kthread_stop and fifo free. The issue has been addressed in the SUSE/...

6AI score0.00176EPSS
Exploits0References7
The Hacker News
The Hacker News
added 2025/08/12 1:0 p.m.6 views

New 'Curly COMrades' APT Using NGEN COM Hijacking in Georgia, Moldova Attacks

A previously undocumented threat actor dubbed Curly COMrades has been observed targeting entities in Georgia and Moldova as part of a cyber espionage campaign designed to facilitate long-term access to target networks. "They repeatedly tried to extract the NTDS database from domain controllers --...

7.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/12/13 8:36 a.m.4 views

ansible: Template Injection

A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data...

7.8CVSS6.8AI score0.00539EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.5 views

kernel: nvmet-tcp: add bounds check on Transfer Tag

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmettcphandleh2cdatapdu, add a bounds check to avoid out-of-bounds access...

5.7AI score0.00211EPSS
Exploits0References5
OSV
OSV
added 2020/11/30 7:15 a.m.3 views

DEBIAN-CVE-2020-25624

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver...

5CVSS6.9AI score0.00573EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.9 views

Omron CJ1W-PTS52 Position Controller Detection

Binary data 755984.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/05/08 12:0 a.m.16 views

Omron CJ1W-NC234 Position Controller Detection

Binary data 756080.prm...

7.3AI score
Exploits0
Nmap
Nmap
added 2015/06/01 4:12 a.m.257 views

omron-info NSE Script

This NSE script is used to send a FINS packet to a remote device. The script will send a Controller Data Read Command and once a response is received, it validates that it was a proper response to the command that was sent, and then will parse out the data. Example Usage nmap --script omron-info...

10CVSS0.1AI score0.99448EPSS
Exploits33
Rows per page
Query Builder