5 matches found
CVE-2026-33498 Parse Server: Query condition depth bypass via pre-validation transform pipeline
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.55 and 9.6.0-alpha.44, an attacker can send an unauthenticated HTTP request with a deeply nested query containing logical operators to permanently hang the Parse Server...
Parse Server SQL注入漏洞
Parse Server is an open-source backend developed by the Parse Platform. It can be deployed on any infrastructure that runs Node.js. Versions of Parse Server prior to 8.6.59 and 9.6.0-alpha.53 contain a SQL injection vulnerability. This vulnerability arises from the ability of attackers to inject...
EUVD-2025-28805
Malicious code in bioql PyPI...
PT-2025-9033 · Infoblox · Infoblox Nios
Name of the Vulnerable Software and Affected Versions: Infoblox NIOS versions prior to 8.6.5 Description: The issue allows Infoblox NIOS to execute with more privileges than required. Recommendations: For versions prior to 8.6.5, update to version 8.6.5 or later to resolve the issue...
KUKA SystemSoftware V/KSS 访问控制错误漏洞
KUKA SystemSoftware V/KSS is a robot control operating system from KUKA SystemSoftware. An Access Control Error vulnerability exists in KUKA SystemSoftware V/KSS versions prior to 8.6.5 that stems from incorrect access control. An attacker can exploit this vulnerability to directly read or write...