CVE-2026-45292 opentelemetry-java: Unbounded Memory Allocation in W3C Baggage Propagation

opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators...

GHSA-F5V8-V6Q3-Q4H6 Meridian: Multiple defense-in-depth gaps (collection/depth caps, telemetry, retry, fan-out)

Summary Meridian v2.1.0 Meridian.Mapping and Meridian.Mediator shipped with nine defense-in-depth gaps reachable through its public APIs. Two are HIGH severity — the advertised DefaultMaxCollectionItems and DefaultMaxDepth safety caps are silently bypassed on the IMapper.Mapsource, destination...

CVE-2026-34573

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads...

CVE-2026-34573 Parse Server: GraphQL complexity validator exponential fragment traversal DoS

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads...

CVE-2026-34573 Parse Server: GraphQL complexity validator exponential fragment traversal DoS

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.68 and 9.7.0-alpha.12, the GraphQL query complexity validator can be exploited to cause a denial-of-service by sending a crafted query with binary fan-out fragment spreads...

MPOCryptoML: Multi-Pattern Based Off-Chain Crypto Money Laundering Detection

Recent advancements in money laundering detection have demonstrated the potential of using graph neural networks to capture laundering patterns accurately. However, existing models are not explicitly designed to detect the diverse patterns of off-chain cryptocurrency money laundering. Neglecting...

CVE-2023-20187

A vulnerability in the Multicast Leaf Recycle Elimination mLRE feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. This...

Guide to Serverless Architecture Design Patterns

Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs...

CVE-2014-4509

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager aka IDM 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters...

Design/Logic Flaw

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager aka IDM 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters...

CVE-2014-4509

The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager aka IDM 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters...

CVE-2014-4509

The CVE-2014-4509 issue affects Novell Identity Manager (IDM) 4.0.2, specifically the MKDQUOTESAFE function in the Fan-out driver scripts within Fan-Out Platform Services. The vulnerability allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert...

Format string

The Platform Service Process asampsp in Fan-Out Driver Platform Services for Novell Identity Manager IDM 3.5.1 allows remote attackers to cause a denial of service daemon crash via unspecified network traffic that triggers a syslog message containing invalid format string specifiers, as...

CVE-2007-6625

Technical details (affected product/version, root cause, remediation) are not publicly available in the provided connected documents. Monitor for updates. The CVE entry describes a denial-of-service via invalid format string in IDM 3.5.1, but no further specifics are given here.

CVE-2006-4803

The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager IDM 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."...

CVE-2006-4803

The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager IDM 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection."...