14 matches found
Security update for python-dynaconf (important)
openSUSE security update: security update for python-dynaconf ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20429-1 Rating: important References: bsc1260063 Cross-References: CVE-2026-33154 Affected Products: openSUSE Leap 16.0...
python311-dynaconf-3.2.13-1.1 on GA media (moderate)
python311-dynaconf-3.2.13-1.1 on GA media Announcement ID: openSUSE-SU-2026:10411-1 Rating: moderate Cross-References: CVE-2026-33154 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
CVE-2026-33154
dynaconf is a configuration management tool for Python. Prior to version 3.2.13, Dynaconf is vulnerable to Server-Side Template Injection SSTI due to unsafe template evaluation in the @Jinja resolver. When the jinja2 package is installed, Dynaconf evaluates template expressions embedded in...
CVE-2026-33154
creationtimestamp| type| source ---|---|--- 2026-03-18 20:08:06+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-pxrr-hq57-q35p 2026-03-20 21:22:35+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjh6ckfsh2f 2026-04-03 03:00:04+00:00|...
RuvarOA SQL Injection Vulnerability (CNVD-2024-33154)
RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the id parameter of the /PersonalAffair/worklogtemplateshow.aspx file that lacks validation of externally entered SQL statements. An attacker can exploit...
CVE-2023-33154
Windows Partition Management Driver Elevation of Privilege Vulnerability...
CVE-2023-33154 Windows Partition Management Driver Elevation of Privilege Vulnerability
...
CVE-2023-33154 Windows Partition Management Driver Elevation of Privilege Vulnerability
...
CVE-2023-33154
Technical details about CVE-2023-33154 are not publicly available in the provided connected documents. Please monitor official advisories and CVE listings for updates.
CVE-2022-33154
creationtimestamp| type| source ---|---|--- 2022-07-13 02:25:52+00:00| seen| https://t.me/cibsecurity/46124...
CVE-2022-33154
CVE-2022-33154 affects TYPO3 via the Embedding schema.org vocabulary extension. The issue enables cross-site scripting (XSS) through the extension versions prior to 1.13.1 and 2.x prior to 2.5.1. The Red Hat advisory and OSV entries corroborate the same description: the vulnerability stems from i...
CScms SQL Injection Vulnerability (CNVD-2022-33154)
CScms is a content management system CMS developed based on the CI framework.Cscms Music Portal System v4.2 is vulnerable to SQL injection, which can be exploited by attackers to conduct injection attacks via the component danceDance.phphy...
CVE-2007-1231
creationtimestamp| type| source ---|---|--- 2009-08-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/33154...
CVE-2021-33154
CVE-2021-33154 entry is rejected/not used and does not represent an active vulnerability.