The Graph is an indexing protocol for querying networks like Ethereum, IPFS, Polygon, and other blockchains. Prior to version 3.0.0, a flaw in the token vesting contracts allows users to access tokens
Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is registered on
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the d
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is c
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the d
Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config (admin.go), making it completely unauthenti
GraphQL Mesh is a GraphQL Federation framework and gateway for both GraphQL Federation and non-GraphQL Federation subgraphs, non-GraphQL services, such as REST and gRPC, and also databases such as Mon
Graphiti is a framework for building and querying temporal context graphs for AI agents. Graphiti versions before 0.28.2 contained a Cypher injection vulnerability in shared search-filter construction
Strawberry GraphQL is a library for creating GraphQL APIs. Starting in 0.182.0 and prior to version 0.257.0, a type confusion vulnerability exists in Strawberry GraphQL's relay integration that affect
Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Each team can own their slice of the graph independently, empowering them to deliver autonomously and increm
Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.
Apollo Federation is an architecture for declaratively composing APIs into a unified graph. Prior to 2.9.6, 2.10.5, 2.11.6, 2.12.3, and 2.13.2, a vulnerability exists in query plan execution within th
Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in a
Strawberry GraphQL is a library for creating GraphQL APIs. In versions 0.288.4 through 0.315.3, Strawberry's bundled GraphiQL template wrote values from the GraphiQL headers editor into the browser UR
Proxy server in Graph Explorer before 3.0.1 falls back to HTTP when certificate files are missing, which might allow remote threat actors to obtain sensitive information via interception of requests i
Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard
Authentication Bypass by Assumed-Immutable Data vulnerability in Apache HugeGraph-Server.
This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.5.0.
Users are recommended to upgrade to ver
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Starting in version 3.3.8, a security check that gets called after GraphQl resolvers is always replaced by another one
The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. A vulnerability in Apollo Router allowed queries wi
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers ass
Page 1+ Next →