Development

GraphQL, a powerful query language for APIs, has transformed how developers interact with data by allowing clients to request precisely what they need through a single endpoint. Unlike REST APIs, which rely on multiple fixed endpoints, GraphQL uses a strongly typed schema to define available data and operations, enabling flexible queries and mutations. This flexibility
The post GraphQL API Testing: Strategies and Tools for Testers appeared first on Codoid.

CVE ID : CVE-2025-1975

Published : May 16, 2025, 9:15 a.m. | 3 hours, 7 minutes ago

Description : A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can lead to a server crash.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4679

Published : May 16, 2025, 9:15 a.m. | 3 hours, 7 minutes ago

Description : A vulnerability in Synology Active Backup for Microsoft 365 allows remote authenticated attackers to obtain sensitive information via unspecified vectors.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4765

Published : May 16, 2025, 9:15 a.m. | 3 hours, 7 minutes ago

Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been classified as critical. Affected is an unknown function of the file /admin/contactus.php. The manipulation of the argument mobnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4766

Published : May 16, 2025, 9:15 a.m. | 3 hours, 7 minutes ago

Description : A vulnerability was found in PHPGurukul Zoo Management System 2.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-4767

Published : May 16, 2025, 10:15 a.m. | 2 hours, 7 minutes ago

Description : A vulnerability was found in defog-ai introspect up to 0.1.4. It has been rated as critical. Affected by this issue is the function test_custom_tool of the file introspect/backend/integration_routes.py of the component Test Endpoint. The manipulation of the argument input_model leads to code injection. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…