29 matches found
TencentOS Server 4: python-django (TSSA-2024:0158)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0158 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2021-45452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it...
CVE-2022-45452
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Agent (Windows) before build 30430, Acronis Cyber Protect 15 (Windows) before build 30984...
CVE-2024-45452
creationtimestamp | type | source
---|---|---
2024-09-18 01:39:14+00:00 | seen | https://t.me/cvedetector/5864...
CVE-2024-45452 WordPress Septera theme <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cryout-creations Septera septera allows Stored XSS. This issue affects Septera: from n/a through <= 1.5.1...
CVE-2024-45452 WordPress Septera theme <= 1.5.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS. This issue affects Septera: from n/a through 1.5.1...
WordPress Septera Theme <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)
Software: Septera; Type: Theme; Vulnerable versions: <= 1.5.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-45452; Patch priority: Low; CVSS severity: Low (6.5); PSID: 2a58cc08c97a; Credits: stealthcopter; Required privilege: Contributor...
CVE-2022-45452
creationtimestamp | type | source
---|---|---
2023-05-18 14:32:16+00:00 | seen | https://t.me/cibsecurity/64388
2025-01-22 15:03:05+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/2544...
CVE-2022-45452
CVE-2022-45452 affects Acronis Agent (Windows) before build 30430 and Acronis Cyber Protect 15 (Windows) before build 30984. The root cause is insecure folder permissions enabling local privilege escalation. The issue is documented with explicit vulnerable products/versions and remediation guidan...
Debian: Security Advisory (DLA-3191-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 3191-1] python-django security update
Debian LTS Advisory DLA-3191-1 | https://www.debian.org/lts/security/ | Chris Lamb | November 17, 2022 | https://wiki.debian.org/LTS...
Moderate: Red Hat Security Advisory: Satellite 6.11 Release
An update is now available for Red Hat Satellite 6.11 Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: libsolv: Heap-based buff...
Security fix for the ALT Linux 10 package python3-module-django version 3.2.11-alt1
3.2.11-alt1 built Jan. 24, 2022 Alexey Shabalin in task 293890
Jan. 18, 2022 Alexey Shabalin
- new version 3.2.11
- Fixes for the following security vulnerabilities:
  + CVE-2021-45115 Prevented DoS vector in UserAttributeSimilarityValidator.
  + CVE-2021-45116 Fixed potential information disclosure ...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45452 via django (>=3.2.0 <=3.2.10)
django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...
ae-django-utils (=0.3.1), apollo-sdk (>=0.2.0 <=0.2.11) +32 more potentially affected by CVE-2021-45452 via django (>=4.0.0 <=4.0.0rc1)
django PYPI version =4.0.0, =0.2.0, =0.6.1, =2.16.1, =0.1.5, =1.0.7, =0.9.0, =0.4.0, =0.1.0, =0.1.1 and more Source cves: CVE-2021-45452 Source advisory: OSV:GHSA-JRH2-HC4R-7JWX...
aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45452 via django (>=2.2.0 <=2.2.25)
django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45452 Source advisory: OSV:GHSA-JRH2-HC4R-7JWX...
Updated python-django packages fix security vulnerability
UserAttributeSimilarityValidator incurred significant overhead evaluating submitted passwords that were artificially large relative to the comparison values. On the assumption that access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack...
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Linux
Django is prone to multiple vulnerabilities...
Django < 2.2.26, 3.x < 3.2.11, 4.x < 4.0.1 Multiple Vulnerabilities - Windows
Django is prone to multiple vulnerabilities...