Lucene search
+L

1089 matches found

SUSE Linux
SUSE Linux
added 2026/02/10 2:15 p.m.5 views

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow bsc1257598. CVE-2026-0716: improper bounds handling may allow out-of-bounds read bsc1256418. Patch Instructions: To install this...

9.2CVSS6AI score0.00947EPSS
Exploits0References8
SUSE Linux
SUSE Linux
added 2026/02/06 8:2 a.m.4 views

Security update for cockpit-machines

This update for cockpit-machines fixes the following issues: CVE-2025-13465: Update the lodash dependencie to avoid prototype pollution. bsc1257324 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively...

8.8CVSS5.4AI score0.01535EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2026/02/05 8:30 a.m.5 views

Security update for expat

This update for expat fixes the following issues: CVE-2026-24515: Fixed a null dereference in XMLExternalEntityParserCreate. bsc1257144 CVE-2026-25210: Fixed an integer overflow in doContent. bsc1257496 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

7.3CVSS7.1AI score0.00193EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/02/05 12:27 a.m.8 views

SUSE CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

8.1CVSS5.5AI score0.00802EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2026/02/03 3:49 p.m.4 views

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.20) +22 more potentially affected by CVE-2025-13473 via django (>=5.2.0 <=5.2.10)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2025-13473 Source advisory: SNYK:PYTHON-DJANGO-15198930...

5.3CVSS6AI score0.00713EPSS
Exploits0
OSV
OSV
added 2026/02/03 3:30 p.m.7 views

GHSA-GVG8-93H5-G6QQ Django has an SQL Injection issue

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. FilteredRelation is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet methods annotate, aggregat...

9.3CVSS7.1AI score0.00754EPSS
Exploits0References7
OSV
OSV
added 2026/02/03 3:30 p.m.5 views

GHSA-6426-9FV3-65X8 Django has an SQL Injection issue

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

5.4CVSS7.1AI score0.00802EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2026/02/03 3:30 p.m.9 views

Django has an SQL Injection issue

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS5.7AI score0.09436EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2026/02/03 3:16 p.m.10 views

CVE-2025-13473

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsgi allows remote attackers to enumerate users via a timing attack. Earlier, unsupported Django series such as 5.0.x,...

5.3CVSS0.00713EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/03 2:35 p.m.5 views

EUVD-2026-5251

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatecharshtml and truncatewordshtml template filters allow a remote attacker to cause a potential denial-of-service via...

7.5CVSS5.5AI score0.00993EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2026/01/22 12:18 p.m.6 views

Security update for libsodium

This update for libsodium fixes the following issues: CVE-2025-15444: fixed cryptographic bypass via improper elliptic curve point validation bsc1256070. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.8CVSS5.5AI score0.00228EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004041)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004041 advisory. An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore functionality for...

5.5CVSS6.5AI score0.00476EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003895)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003895 advisory. A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system. Tenable has...

5.5CVSS6.6AI score0.00323EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.9 views

CVE-2020-7007

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service...

10CVSS7.4AI score0.0272EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.9 views

CVE-2020-7001

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a weak cryptographic algorithm, which may allow confidential information to be disclosed...

7.5CVSS6.6AI score0.00812EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:24 a.m.7 views

CVE-2023-40556

Cross-Site Request Forgery CSRF vulnerability in Greg Ross Schedule Posts Calendar plugin = 5.2 versions...

8.8CVSS7.1AI score0.00214EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 5:16 a.m.4 views

CVE-2025-49346

Cross-Site Request Forgery CSRF vulnerability in peterwsterling Simple Archive Generator simple-archive-generator allows Stored XSS.This issue affects Simple Archive Generator: from n/a through = 5.2...

7.1CVSS0.00094EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2025/12/03 12:0 a.m.8 views

Django 4.2.x < 4.2.27, 5.0.x < 5.1.15, 5.2.x < 5.2.9 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

7.5CVSS7.8AI score0.02143EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2025/12/02 3:15 p.m.7 views

CVE-2025-64460

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. Algorithmic complexity in django.core.serializers.xmlserializer.getInnerText allows a remote attacker to cause a potential denial-of-service attack triggering CPU and memory exhaustion via specially crafted XML...

7.5CVSS7.6AI score0.02143EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/11/24 7:58 a.m.3 views

Security update for glib2

This update for glib2 fixes the following issues: CVE-2025-7039: Fixed buffer under-read on glib through glib/gfileutils.c via gettmpfile bsc1249055 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternativel...

4.9CVSS7.2AI score0.0037EPSS
Exploits0References4
Rows per page
Query Builder