3 matches found

OSV
added 2026/04/08 3:5 p.m. · 3 views

GHSA-H9MW-H4QC-F5JF kubernetes-graphql-gateway: GraphQL Endpoint Vulnerable to Authenticated Denial-of-Service via Unrestricted Query Execution

CVSS 6.5 Medium — The GraphQL API served by kubernetes-graphql-gateway is vulnerable to Denial-of-Service (DoS) attacks due to a complete absence of query resource controls: depth limiting, complexity analysis, response size capping, and rate limiting. An authenticated attacker can craft queries tha...

CVSS 6.5 · AI score 5.9
Exploits 0 · References 4
BDU FSTEC
added 2025/05/29 12:0 a.m. · 20 views

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems, as well as in the TeleControl Server Basic, allows a hacker to circumvent security restrictions, read and write arbitrary files, and execute arbitrary code.

The vulnerability of the CreateLog method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

CVSS 9 · AI score 6.1 · EPSS 0.00525
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2022/07/25 12:0 a.m. · 9 views

PT-2022-23017 · Patlite · Patlite Nh-Fb Series

Name of the Vulnerable Software and Affected Versions: Patlite NH-FB series devices through 1.46

Description: Remote attackers can cause a denial of service by omitting the query string. However, the vendor's perspective is that omitting the query string does not cause a denial of service and the...

CVSS 7.5 · AI score 7.1 · EPSS 0.01964
Exploits 2 · References 7