3971 matches found
OESA-2024-2003 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with ...
OESA-2024-1974 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very...
UBUNTU-CVE-2024-41036
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: soft...
CVE-2024-41036 net: ks8851: Fix deadlock with the SPI chip variant
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: soft...
CVE-2024-41036 net: ks8851: Fix deadlock with the SPI chip variant
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Fix deadlock with the SPI chip variant When SMP is enabled and spinlocks are actually functional then there is a deadlock with the 'statelock' spinlock between ks8851startxmitspi and ks8851irq: watchdog: BUG: soft...
New Linux Variant of Play Ransomware Targeting VMware ESXi Systems
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play aka Balloonfly and PlayCrypt that's designed to target VMware ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platform, leading to an...
Play Ransomware Group’s New Linux Variant Targets ESXi, Shows Ties With Prolific Puma
Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more...
CVE-2022-48814
In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree...
CVE-2022-48817 net: dsa: ar9331: register the mdiobus under devres
In the Linux kernel, the following vulnerability has been resolved: net: dsa: ar9331: register the mdiobus under devres As explained in commits: 74b6d7d13307 "net: dsa: realtek: register the MDIO bus under devres" 5135e96a3dd2 "net: dsa: don't allocate the slavemiibus using devres" mdiobusfree wi...
GHSA-F6F8-9MX6-9MX2 Django vulnerable to Denial of Service
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...
PYSEC-2024-59
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...
PYSEC-2024-59
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...
SUSE CVE-2024-39614
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...
Django Security Vulnerabilities
Django is a set of open source web application frameworks based on the Python language from the Django Foundation. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django versions prior to 5.0.7 and prior to 4.2.14, which...
CVE-2024-39614
An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...
SUSE CVE-2024-39482
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
PT-2024-6068
Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.13 Django versions 5.0 through 5.0.6 Description: The issue is related to the get supported language variant function in Django, which can be subject to a potential denial-of-service attack when used with very...
Astra Linux – Vulnerability in Linux 6.1
A speculative race condition SRC vulnerability that affects modern CPU architectures supporting speculative execution related to Spectre V1 has been disclosed. An unauthenticated attacker can exploit this vulnerability to disclose arbitrary data from the CPU using race conditions to access the...
Malicious code in -john-wick-4-keanu-reeves-peliculas-completa-varindo-h-d-varindo-en-casa-tarabi-lliena- (npm)
--- -= Per source details. Do not edit below this line.=-...
Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware
Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...