8 matches found

NVD
added 2026/01/16 8:15 p.m., 1 view

CVE-2026-23735

GraphQL Modules is a toolset of libraries and guidelines dedicated to creating reusable, maintainable, testable and extendable modules out of your GraphQL server. From 2.2.1 to before 2.4.1 and 3.1.1, when 2 or more parallel requests are made which trigger the same service, the context of the...

8.7 CVSS, 0.00054 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2026/01/16 8:4 p.m., 2 views

CVE-2026-23735 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') in graphql-modules

GraphQL Modules is a toolset of libraries and guidelines dedicated to creating reusable, maintainable, testable and extendable modules out of your GraphQL server. From 2.2.1 to before 2.4.1 and 3.1.1, when 2 or more parallel requests are made which trigger the same service, the context of the...

8.7 CVSS, 6.6 AI score, 0.00054 EPSS
Exploits: 0, References: 4
ATTACKERKB
added 2026/01/16 8:4 p.m., 3 views

CVE-2026-23735

GraphQL Modules is a toolset of libraries and guidelines dedicated to creating reusable, maintainable, testable and extendable modules out of your GraphQL server. From 2.2.1 to before 2.4.1 and 3.1.1, when 2 or more parallel requests are made which trigger the same service, the context of the...

8.7 CVSS, 5.4 AI score, 0.00054 EPSS
Exploits: 0, References: 5, Affected Software: 1
Cvelist
added 2021/02/02 10:29 p.m., 20 views

CVE-2021-21043 Reflected Cross-site Scripting (XSS) on version-compare and page-compare tools

ACS Commons version 4.9.2 and earlier suffers from a Reflected Cross-site Scripting XSS vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content...

6.1 CVSS, 6.2 AI score, 0.00985 EPSS
Exploits: 0, References: 1
Zero Day Initiative
added 2020/11/24 12:0 a.m., 21 views

Trend Micro ServerProtect ioctlMod Heap-based Buffer Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro ServerProtect. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

8.2 CVSS, 6.1 AI score, 0.00173 EPSS
Exploits: 0, References: 1
Veracode
added 2020/08/03 7:0 a.m., 22 views

Remote Code Execution

spring-batch-core is vulnerable to remote code execution. The upgrade of Jackson in 4.2.3.RELEASE enabled default typing by default and resulted in Spring Batch being vulnerable to untrusted deserialization. An attacker will be able to execute arbitrary code if ExecutionContext is serialized and...

8.1 CVSS, 5.1 AI score, 0.00805 EPSS
Exploits: 0, References: 4, Affected Software: 1
RedhatCVE
added 2020/07/31 7:43 p.m., 29 views

CVE-2020-5411

When configured to enable default typing, Jackson contained a deserialization vulnerability that could lead to arbitrary code execution. Jackson fixed this vulnerability by blacklisting known "deserialization gadgets". Spring Batch configures Jackson with global default typing enabled which means...

6.8 CVSS, 3 AI score, 0.00805 EPSS
Exploits: 0, References: 3
OpenVAS
added 2013/12/17 12:0 a.m., 15 views

Fedora Update for ganglia FEDORA-2013-22444

Check for the Version of ganglia. OpenVAS Vulnerability Test: Fedora Update for ganglia FEDORA-2013-22444. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the...

4.3 CVSS, 0.1 AI score, 0.00497 EPSS
Exploits: 1, References: 2