105 matches found
OESA-2026-2220 python-django security update
A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. MultiPartParser allows remote attackers to degrade performance by submitting multipart uploads wi...
python311-Django-5.2.13-1.1 on GA media (moderate)
python311-Django-5.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10567-1 Rating: moderate Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292 CVSS scores: CVE-2026-33033 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33033 SUSE : 6....
python311-Django4-4.2.30-1.1 on GA media (moderate)
python311-Django4-4.2.30-1.1 on GA media Announcement ID: openSUSE-SU-2026:10516-1 Rating: moderate Cross-References: CVE-2026-33033 CVE-2026-33034 CVE-2026-3902 CVE-2026-4277 CVE-2026-4292 CVSS scores: CVE-2026-33033 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-33033 SUSE : 6...
SUSE CVE-2026-33034
An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...
CVE-2026-33034
creationtimestamp| type| source ---|---|--- 2026-04-07 23:20:49+00:00| published-proof-of-concept| Telegram/UCQVBQ1wk3sWuk0eQ1N0bHldnYCTUsbgi6Jx-voi5Wevn8w...
arches (=8.0.0a1), desktop-django-starter (=0.1.0) +31 more potentially affected by CVE-2026-33034 via django (>=6.0.0 <=6.0.3)
django PYPI version =6.0.0, =2.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =0.1.4 and more Source cves: CVE-2026-33034 Source advisory: SNYK:PYTHON-DJANGO-15923566...
admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-33034 via django (>=4.2.0 <=4.2.3)
django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-33034 Source advisory: SNYK:PYTHON-DJANGO-15923566...
admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-33034 via django (>=4.2.0 <=4.2.3)
django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-33034 Source advisory: OSV:GHSA-933H-HP56-HF7M...
cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +27 more potentially affected by CVE-2026-33034 via django (>=5.2.0 <=5.2.12)
django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-33034 Source advisory: OSV:GHSA-933H-HP56-HF7M...
cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +27 more potentially affected by CVE-2026-33034 via django (>=5.2.0 <=5.2.12)
django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-33034 Source advisory: OSV:PYSEC-2026-49...
admin-auth0 (>=0.1.1 <=0.1.5), aldryn-django (>=4.2.10.0 <=4.2.18.0) +126 more potentially affected by CVE-2026-33034 via django (>=4.2.0 <=4.2.3)
django PYPI version =4.2.0, =0.1.1, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.0.9, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =4.17.1 and more Source cves: CVE-2026-33034 Source advisory: OSV:PYSEC-2026-49...
CVE-2026-33034
An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could bypass the DATAUPLOADMAXMEMORYSIZE limit when reading HttpRequest.body, allowing remote attackers to load an unbounded request body into...
Linux Distros Unpatched Vulnerability : CVE-2026-33034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.4, 5.2 before 5.2.13, and 4.2 before 4.2.30. ASGI requests with a missing or understated Content-Length header could...
MiracleLinux 8 : kernel-4.18.0-305.7.1.el8_4 (AXSA:2021-2251:15)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2251:15 advisory. kernel: use-after-free in net/bluetooth/hcievent.c when destroying an hcichan CVE-2021-33034 kernel: security bypass in certs/blacklist.c and...
Linux Distros Unpatched Vulnerability : CVE-2021-33034
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an...
CVE-2024-33034
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...
CVE-2024-33034
creationtimestamp| type| source ---|---|--- 2024-08-05 18:05:15+00:00| seen| https://t.me/cvedetector/2452...
CVE-2024-33034 Use After Free in Graphics Linux
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...
CVE-2024-33034
CVE-2024-33034 concerns a memory corruption issue in the Graphics Linux stack where VBOs may hold outdated or invalid GPU SMMU mappings. The root cause occurs when binding and reclaiming memory buffers happen concurrently, which can lead to memory corruption with High impact on confidentiality, i...
CVE-2024-33034 Use After Free in Graphics Linux
Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time...