Lucene search
K

111 matches found

CVE
CVE
added 2026/04/06 4:12 p.m.24 views

CVE-2026-34976

CVE-2026-34976 affects Dgraph prior to 25.3.1 where the restoreTenant admin mutation is missing from the authorization middleware, allowing an unauthenticated attacker to specify attacker-controlled backup locations (including file://), S3/MinIO credentials, encryption key paths, and Vault IDs. T...

10CVSS5.9AI score0.00452EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.10 views

Dgraph 安全漏洞

Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.1 contained a security vulnerability. This vulnerability stemmed from a flaw in the restoreTenant management mechanism, which lacked an authorization middleware...

10CVSS7.4AI score0.00452EPSS
Exploits1References1
Wolfi
Wolfi
added 2026/04/04 1:48 p.m.7 views

CVE-2026-34976 vulnerabilities

Vulnerabilities for packages: dgraph...

10CVSS5.9AI score0.00452EPSS
Exploits1
Wolfi
Wolfi
added 2026/04/04 1:48 p.m.9 views

GHSA-P5RH-VMHP-GVCW vulnerabilities

Vulnerabilities for packages: dgraph...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/04/04 1:17 p.m.9 views

CVE-2026-34976 vulnerabilities

Vulnerabilities for packages: dgraph...

10CVSS5.9AI score0.00452EPSS
Exploits1
Chainguard
Chainguard
added 2026/04/04 1:17 p.m.5 views

GHSA-P5RH-VMHP-GVCW vulnerabilities

Vulnerabilities for packages: dgraph...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/03/31 1:48 p.m.16 views

CVE-2026-32285 vulnerabilities

Vulnerabilities for packages: ollama, minio, terragrunt, teleport, lazygit, grafana-alloy, datadog-agent, mcp-grafana, dagger, prometheus, maru, cri-tools, loki, terraform-mcp-server, malcontent, kubevela, weaviate, opentelemetry-collector, gitlab-runner, nuclei, vcluster, rclone, k3s, grafana,...

7.5CVSS6.7AI score0.0075EPSS
Exploits1
Wolfi
Wolfi
added 2026/02/19 7:48 p.m.5 views

GHSA-FW7P-63QQ-7HPR vulnerabilities

Vulnerabilities for packages: certificate-transparency, croc, crossplane-provider-sql, kubeflow-pipelines, telegraf, step-issuer, temporal, step-kms-plugin, jitsucom-bulker, db-operator, openbao, apko, minio, terragrunt, gitea, argo-workflows, grafana-alloy, mariadb-operator, juicefs, mattermost,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

GHSA-M332-53R6-2W93 vulnerabilities

Vulnerabilities for packages: dgraph...

7AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

CVE-2020-15112 vulnerabilities

Vulnerabilities for packages: dgraph...

6.5CVSS7AI score0.01256EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.4 views

GHSA-M332-53R6-2W93 vulnerabilities

Vulnerabilities for packages: dgraph, etcd, etcd-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.7 views

CVE-2020-15112 vulnerabilities

Vulnerabilities for packages: dgraph, etcd, etcd-fips...

6.5CVSS6.8AI score0.01256EPSS
Exploits0
Wolfi
Wolfi
added 2025/12/04 7:47 p.m.9 views

CVE-2025-61729 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, restic, kube-fluentd-operator, gogatekeeper, syft, karpenter, go-md2man, knative-client, secrets-store-csi-driver-provider-gcp, opentelemetry-collector, promxy,...

7.5CVSS7.2AI score0.00459EPSS
Exploits2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-1505

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00153EPSS
Exploits0References6
Chainguard
Chainguard
added 2025/09/24 2:18 p.m.8 views

GHSA-8PJC-487G-W6P2 vulnerabilities

Vulnerabilities for packages: rancher-security-scan, cloud-sql-proxy, azure-service-operator, eck-operator, argo-events, helm-operator, rabbitmq-default-user-credential-updater, opentofu, gobump, traefik, conftest, karpenter, mongo-tools, vitess, docker-cli, nodetaint, wgcf, mattermost, nri-f5,...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 5:57 a.m.6 views

CVE-2023-31135

Dgraph is an open source distributed GraphQL database. Existing Dgraph audit logs are vulnerable to brute force attacks due to nonce collisions. The first 12 bytes come from a baseIv which is initialized when an audit log is created. The last 4 bytes come from the length of the log line being...

5.5CVSS6.6AI score0.00153EPSS
Exploits0References1
Chainguard
Chainguard
added 2024/05/08 4:15 p.m.34 views

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: prometheus-adapter, mockery, tfsec, eck-operator, newrelic-prometheus-configurator, caddy-fips, mongo-tools, cert-manager-fips, opentelemetry-collector-contrib-fips, wireguard-go, crane, crossplane, gosu, atlantis, flux-kustomize-controller, frp,...

5.9CVSS6.8AI score0.01001EPSS
Exploits0
Wolfi
Wolfi
added 2024/02/03 12:3 a.m.18 views

GHSA-VJG6-93FV-QV64 vulnerabilities

Vulnerabilities for packages: dgraph, juicefs...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2024/02/03 12:3 a.m.20 views

GHSA-VJG6-93FV-QV64 vulnerabilities

Vulnerabilities for packages: juicefs, dgraph, etcd, etcd-fips...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2024/02/03 12:3 a.m.158 views

GHSA-PM3M-32R3-7MFH vulnerabilities

Vulnerabilities for packages: dgraph...

7.5AI score
Exploits0
Rows per page
Query Builder