Lucene search
+L

12 matches found

OpenVAS
OpenVAS
added 2026/03/02 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2026-3adb735295)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.1AI score0.09436EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.9 views

Python Library Django 4.2.x < 4.2.28 / 5.2.x < 5.2.11 / 6.0.x < 6.0.2 Multiple Vulnerabilities

The detected version of the Django Python package, Django, is 4.2.x prior to 4.2.28, 5.2.x prior to 5.2.11, or 6.0.x prior to 6.0.2. It is, therefore, affected by multiple vulnerabilities as referenced by security release advisory: - The django.contrib.auth.handlers.modwsgi.checkpassword function...

8.5CVSS6.1AI score0.09436EPSS
Exploits2References7
vulnersOsv
vulnersOsv
added 2026/02/03 3:49 p.m.3 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1312 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1312 Source advisory: SNYK:PYTHON-DJANGO-15198931...

8.5CVSS7.2AI score0.00802EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.4 views

arches (=8.0.0a1), django-accounts-api (=1.2.5) +24 more potentially affected by CVE-2026-1312 via django (>=6.0.0 <=6.0.1)

django PYPI version =6.0.0, =1.1.0, =0.1.0, =0.1.0b2, =0.1.0, =6.0.0, =0.20.4, =0.22.1 and more Source cves: CVE-2026-1312 Source advisory: OSV:GHSA-6426-9FV3-65X8...

8.5CVSS7.2AI score0.00802EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.8 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1312 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1312 Source advisory: OSV:GHSA-6426-9FV3-65X8...

8.5CVSS7.2AI score0.00802EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:30 p.m.6 views

cg-django-uaa (=2.1.9), deeplabelnet (>=0.1.0 <=0.1.20) +22 more potentially affected by CVE-2026-1312 via django (>=5.2.0 <=5.2.10)

django PYPI version =5.2.0, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =5.2.0, =5.2.1 - djbackup =2.1.0 and more Source cves: CVE-2026-1312 Source advisory: OSV:GHSA-6426-9FV3-65X8...

8.5CVSS7.3AI score0.00802EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/02/03 3:16 p.m.7 views

aldryn-django (>=4.2.10.0 <=4.2.18.0), alertwise (=1.0.0) +114 more potentially affected by CVE-2026-1312 via django (>=4.2.0 <=4.2.27)

django PYPI version =4.2.0, =4.2.10.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =1.3.9, =0.4.0, =0.0.1, =4.16.2, =4.8.0, =0.0.4.dev0, =8.0.0, =8.5.1 and more Source cves: CVE-2026-1312 Source advisory: OSV:PYSEC-2026-47...

8.5CVSS7.2AI score0.00802EPSS
Exploits1
NVD
NVD
added 2026/02/03 3:16 p.m.6 views

CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

8.5CVSS0.00802EPSS
Exploits1References15
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:36 p.m.7 views

CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

5.6AI score0.00802EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/02/03 2:36 p.m.7 views

CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

8.5CVSS7.3AI score0.00802EPSS
Exploits1
OSV
OSV
added 2026/02/03 2:0 p.m.7 views

UBUNTU-CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

8.5CVSS7.3AI score0.00802EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/02/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-1312

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containin...

8.5CVSS6.1AI score0.00802EPSS
Exploits1References2
Rows per page
Query Builder