71 matches found
cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.16) +27 more potentially affected by CVE-2026-33033 via django (>=5.2.0 <=5.2.12)
django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-33033 Source advisory: OSV:GHSA-5MF9-H53Q-7MHQ...
Django 4.2.x < 4.2.27, 5.0.x < 5.1.15, 5.2.x < 5.2.9 Multiple Vulnerabilities - Linux
Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...
EUVD-2018-3159
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-5397
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or...
WordPress 5.2.x < 5.2.19 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities: - A potential disclosure of user email addresses. - An RCE POP Chains vulnerability. - A Cross-Site Scripting (XSS) vulnerability in the post link navigation block. - An issue...
K12253: PHP vulnerability CVE-2010-2225
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
Security Bulletin: Vulnerability found in Apache Xalan Java XSLT library may affect IBM Enterprise Records
Summary IBM Enterprise Records may be affected by vulnerability found in Apache Xalan Java XSLT library. Vulnerability Details CVEID:CVE-2022-34169 DESCRIPTION: The Apache Xalan Java XSLT library could allow a remote attacker to execute arbitrary code on the system, caused by an integer truncatio...
Security Bulletin: Vulnerability found in Eclipse Jetty may affect IBM Enterprise Records
Summary IBM Enterprise Records may be affected by vulnerability found in Eclipse Jetty. Vulnerability Details CVEID:CVE-2021-28165 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted TLS frame, a remote attacker could...
WordPress 5.2.x < 5.2.16 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities: - A SQL injection vulnerability within the Link API. - A Cross-Site Scripting (XSS) vulnerability on the Plugins screen. - An output escaping issue within the_meta(). Note that t...
Security Bulletin: Multiple vulnerabilities in WebSphere Application Server affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2018-1683, CVE-2018-8039)
Summary WebSphere Application Server is vulnerable to possible man-in-the-middle attacks. This is caused by the failure to encrypt ORB communication or by an Apache CXF vulnerability. Vulnerability Details CVEID: CVE-2018-1683 DESCRIPTION: IBM WebSphere Application Server Liberty could allow a...
GlobalProtect Log Information Disclosure Vulnerability
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides firewall monitoring and threat prevention. A log information disclosure vulnerability exists in Palo Alto Networks GlobalProtect on Windows, where the application logs th...
WordPress 5.2.x < 5.2.14 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities: - A stored Cross-Site Scripting (XSS) vulnerability through post slugs. - An object injection vulnerability in some multisite installations. - A SQL injection vulnerability in...
Palo Alto GlobalProtect App Windows VPN kernel 5.1.x < 5.1.8 / 5.2.x < 5.2.4 DoS
The version of Palo Alto GlobalProtect Agent installed on the remote Windows host is 5.1.x prior to 5.1.8, or 5.2.x prior to 5.2.4. It is, therefore, affected by a denial-of-service (DoS) vulnerability. A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems...
Code injection
Spring Security versions 5.2.x prior to 5.2.4 and 5.3.x prior to 5.3.2 contain a signature wrapping vulnerability during SAML response validation. When using the spring-security-saml2-service-provider component, a malicious user can carefully modify an otherwise valid SAML response and append an...
CVE-2020-5407
CVE-2020-5407 describes a signature-wrapping vulnerability in Spring Security (affecting the spring-security-saml2-service-provider path) where an attacker can modify a valid SAML response to inject an arbitrary assertion. Affected are Spring Security 5.2.x before 5.2.4 and 5.3.x before 5.3.2. Ex...
Security Bulletin: XML External Entity Injection Security Vulnerability Affects IBM Sterling B2B Integrator (CVE-2019-4043)
Summary IBM Sterling B2B Integrator Standard Edition has addressed the XML External Entity Injection vulnerability. Vulnerability Details CVEID: CVE-2019-4043 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to an XML External Entity Injection (XXE) attack when processing XML...
Oracle VM VirtualBox 5.2.x < 5.2.34 / 6.0.x < 6.0.14 (Oct 2019 CPU)
The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.34 or 6.0.x prior to 6.0.14. It is, therefore, affected by multiple vulnerabilities as noted in the October 2019 Critical Patch Update advisory: - A vulnerability exists in the Oracle VM VirtualBox product of...
WordPress 5.2.x < 5.2.3 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities: - A cross-site scripting (XSS) vulnerability in post previews by contributors. - A cross-site scripting (XSS) vulnerability in stored comments. - An unspecified issue with...
CVE-2019-15902
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the...