
78 matches found

Cvelist
added 2026/04/24 6:27 p.m. | 24 views

CVE-2026-41327 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in Upsert Condition Field

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack is a...

CVSS 9.1 | EPSS 0.00054
Exploits 1 | References 2
Cvelist
added 2026/04/24 6:25 p.m. | 24 views

CVE-2026-41328 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack require...

CVSS 9.1 | EPSS 0.0018
Exploits 1 | References 1
Vulnrichment
added 2026/04/24 6:25 p.m. | 1 views

CVE-2026-41328 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack require...

CVSS 9.1 | AI score 5.5 | EPSS 0.0018
Exploits 1 | References 1
OSV
added 2026/04/24 3:41 p.m. | 2 views

GHSA-X92X-PX7W-4GX4 Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Executive Summary A vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack requires two HTTP POSTs to port 8080. The first sets up a...

CVSS 9.1 | AI score 6 | EPSS 0.0018
Exploits 1 | References 3
Github Security Blog
added 2026/04/24 3:41 p.m. | 5 views

Dgraph: Pre-Auth Full Database Exfiltration via DQL Injection in NQuad Lang Field

Executive Summary A vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack requires two HTTP POSTs to port 8080. The first sets up a...

CVSS 9.1 | AI score 5.9 | EPSS 0.0018
Exploits 1 | References 3 | Affected Software 3
CNNVD
added 2026/04/24 12:0 a.m. | 4 views

Dgraph Security Vulnerability

Dgraph is an open-source, horizontally scalable distributed GraphQL database with a graphical backend. Versions of Dgraph prior to 25.3.3 contained a security vulnerability. This vulnerability stemmed from the position of language tags in JSON mutation keys, allowing for DQL injection, which coul...

CVSS 9.1 | AI score 5.8 | EPSS 0.0018
Exploits 1 | References 1
OSV
added 2026/03/11 12:13 a.m. | 0 views

GHSA-XCWX-R2GW-W93M Sylius has a DQL Injection via API Order Filters

Impact Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL: GET /api/v2/shop/products?orderprice=ASC,%20variant.code%20DESC Patches The...

CVSS 5.3 | AI score 6 | EPSS 0.00047
Exploits 0 | References 3
NVD
added 2026/03/10 10:16 p.m. | 1 views

CVE-2026-31825

Sylius is an Open Source eCommerce Framework on Symfony. Sylius API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter pass user-supplied order direction values directly to Doctrine's orderBy without validation. An attacker can inject arbitrary DQL. The issue is fixed in...

CVSS 5.3 | EPSS 0.00047
Exploits 0 | References 1
CVE
added 2026/03/10 9:33 p.m. | 6 views

CVE-2026-31825

Sylius (Open Source eCommerce framework on Symfony) has a vulnerability in API filters ProductPriceOrderFilter and TranslationOrderNameAndLocaleFilter, where user-supplied order direction values are passed directly to Doctrine’s orderBy() without validation. This allows injection of arbitrary DQL...

CVSS 5.3 | AI score 5.9 | EPSS 0.00047
Exploits 0 | References 1 | Affected Software 1
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2016-0892

Malware in sbrugna...

CVSS 6.5 | AI score 6.6 | EPSS 0.00282
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-0560

Malware in sbrugna...

CVSS 4 | AI score 6.4 | EPSS 0.00156
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2016-10664

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.00586
Exploits 0 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-2539

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.00349
Exploits 0 | References 5
EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2017-14686

Malware in sbrugna...

CVSS 8.8 | AI score 8.8 | EPSS 0.00717
Exploits 2 | References 4
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-0561

Malware in sbrugna...

CVSS 4 | AI score 6.4 | EPSS 0.00156
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2014-2544

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.00583
Exploits 0 | References 7
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-2556

Malware in sbrugna...

CVSS 6.3 | AI score 8.6 | EPSS 0.00422
Exploits 1 | References 7
CNNVD
added 2025/10/01 12:0 a.m. | 1 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a reset of dql statistics on a NONFATAL error, which could result in an incorrect byte queue limit algorithm...

AI score 5.9 | EPSS 0.00017
Exploits 0 | References 5
CVE
added 2024/11/19 1:30 a.m. | 102 views

CVE-2024-50297

CVE-2024-50297 affects the Linux kernel Xilinx AXI Ethernet driver (net: xilinx: axienet). A race occurs when Tx packets are enqueued in the dynamic queue limits (dql) before the DMA engine starts; when the DMA starts, a dql dequeue can execute before the packet is queued, causing a kernel crash ...

CVSS 4.7 | AI score 6.7 | EPSS 0.00026
Exploits 0 | References 2 | Affected Software 1
CNNVD
added 2024/11/19 12:0 a.m. | 2 views

Linux kernel Security Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that placing packets into a dql queue after the dma engine has been started can result in a...

CVSS 4.7 | AI score 6.5 | EPSS 0.00026
Exploits 0 | References 3