Lucene search
K

19 matches found

OpenVAS
OpenVAS
added 2025/12/18 12:0 a.m.6 views

Fedora: Security Advisory (FEDORA-2025-24dfd3b072)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.6AI score0.19396EPSS
Exploits14References2
OpenVAS
OpenVAS
added 2025/12/15 12:0 a.m.2 views

openSUSE Security Advisory (SUSE-SU-2025:4384-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02143EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/13 12:0 a.m.4 views

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2025:4384-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4384-1 advisory. - CVE-2025-13372: Fixed SQL Injection in FilteredRelation bsc1254437 - CVE-2025-64460: Fixed denial of service via specially...

7.5CVSS8.3AI score0.02143EPSS
Exploits0References6
SUSE Linux
SUSE Linux
added 2025/12/12 1:28 p.m.3 views

Security update for python-Django

This update for python-Django fixes the following issues: CVE-2025-13372: Fixed SQL Injection in FilteredRelation bsc1254437 CVE-2025-64460: Fixed denial of service via specially crafted XML input in django.core.serializers.xmlserializer.getInnerText bsc1254437 Patch Instructions: To install this...

7.5CVSS8AI score0.02143EPSS
Exploits0References6
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/12 12:0 a.m.7 views

Security update for python-Django (important)

openSUSE security update: security update for python-django ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20153-1 Rating: important References: bsc1252926 bsc1254437 Cross-References: CVE-2025-13372 CVE-2025-64459 CVE-2025-64460 CVSS scores:...

7.5CVSS6.9AI score0.19396EPSS
Exploits10References2
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/10 12:0 a.m.9 views

Security update for python-Django (important)

openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2025:0465-1 Rating: important References: 1254437 Cross-References: CVE-2025-13372 CVE-2025-64460 CVSS scores: CVE-2025-13372 SUSE: 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2025-64460 SUSE: 7.5...

7.5CVSS7.2AI score0.02143EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/12/10 12:0 a.m.5 views

python311-Django-5.2.9-1.1 on GA media (moderate)

python311-Django-5.2.9-1.1 on GA media Announcement ID: openSUSE-SU-2025:15805-1 Rating: moderate Cross-References: CVE-2025-13372 CVE-2025-64460 CVSS scores: CVE-2025-13372 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2025-64460 SUSE : 7.5...

7.5CVSS7.2AI score0.02143EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/05 12:43 a.m.3 views

SUSE CVE-2025-13372

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet.annotate or QuerySet.alias on PostgreSQL. Earlier...

4.3CVSS8AI score0.00904EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/04 12:0 a.m.3 views

Python Library Django 4.2.x < 4.2.27 / 5.1.x < 5.1.15 / 5.2.x < 5.2.9 Multiple Vulnerabilities

The detected version of the Django Python package, Django, is 4.2.x prior to 4.2.27, 5.1.x prior to 5.1.15, or 5.2.x prior to 5.2.9. It is, therefore, affected by multiple vulnearabilities as referenced by security release advisory: - An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15...

7.5CVSS7.2AI score0.02143EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2025/12/03 12:0 a.m.1 views

Ubuntu: Security Advisory (USN-7903-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.02143EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/12/03 12:0 a.m.7 views

Django 4.2.x < 4.2.27, 5.0.x < 5.1.15, 5.2.x < 5.2.9 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

7.5CVSS7.8AI score0.02143EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/12/02 6:30 p.m.3 views

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1470 more potentially affected by CVE-2025-13372 via django (>=5.2.0 <=5.2.8)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-13372 Source advisory: OSV:GHSA-RQW2-GHQ9-44M7...

4.3CVSS6.9AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 6:30 p.m.2 views

chromatrace (>=0.1.6 <=0.1.7), ddos-blocker (>=0.0.3 <=0.0.13) +21 more potentially affected by CVE-2025-13372 via django (>=5.1.0 <=5.1.14)

django PYPI version =5.1.0, =0.1.6, =0.0.3, =0.0.15, =2.7.0, =1.0.3, =0.6.2, =5.1.0, =0.2.30, =1.42.2, =1.21.0, =1.21.1.dev5 and more Source cves: CVE-2025-13372 Source advisory: OSV:GHSA-RQW2-GHQ9-44M7...

4.3CVSS7.3AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 6:30 p.m.5 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +113 more potentially affected by CVE-2025-13372 via django (>=4.2.0 <=4.2.26)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13372 Source advisory: OSV:GHSA-RQW2-GHQ9-44M7...

4.3CVSS7.3AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 4:15 p.m.4 views

chromatrace (>=0.1.6 <=0.1.7), ddos-blocker (>=0.0.3 <=0.0.13) +21 more potentially affected by CVE-2025-13372 via django (>=5.1.0 <=5.1.14)

django PYPI version =5.1.0, =0.1.6, =0.0.3, =0.0.15, =2.7.0, =1.0.3, =0.6.2, =5.1.0, =0.2.30, =1.42.2, =1.21.0, =1.21.1.dev5 and more Source cves: CVE-2025-13372 Source advisory: OSV:PYSEC-2025-104...

4.3CVSS7.3AI score0.00904EPSS
Exploits0
OSV
OSV
added 2025/12/02 4:15 p.m.2 views

DEBIAN-CVE-2025-13372

An issue was discovered in 5.2 before 5.2.9, 5.1 before 5.1.15, and 4.2 before 4.2.27. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet.annotate or QuerySet.alias on PostgreSQL. Earlier...

4.3CVSS8AI score0.00904EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/12/02 4:15 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +113 more potentially affected by CVE-2025-13372 via django (>=4.2.0 <=4.2.26)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2025-13372 Source advisory: OSV:PYSEC-2025-104...

4.3CVSS7.3AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 3:41 p.m.6 views

aa-altcorp (>=0.1.2b0 <=1.1.1), aa-alumni (>=0.0.1a1 <=1.0.1) +1470 more potentially affected by CVE-2025-13372 via django (>=5.2.0 <=5.2.8)

django PYPI version =5.2.0, =0.1.2b0, =0.0.1a1, =0.1.1, =3.1.0b1, =1.0.3, =0.0.1a2, =0.1.0, =0.2.0, =1.0.0, =1.1.0b3, =0.1.0b1, =0.1.0, =1.1.0 and more Source cves: CVE-2025-13372 Source advisory: SNYK:PYTHON-DJANGO-14157810...

4.3CVSS6.9AI score0.00904EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/12/02 3:41 p.m.7 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +253 more potentially affected by CVE-2025-13372 via django (>=5.0.0 <=5.1.14)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2025-13372 Source advisory: SNYK:PYTHON-DJANGO-14157810...

4.3CVSS6.9AI score0.00904EPSS
Exploits0
Rows per page
Query Builder