1248 matches found

OSV
added 2023/02/01 12:59 p.m. · 0 views

USN-5837-1 python-django vulnerability

Nick Pope discovered that Django incorrectly handled certain Accept-Language headers. A remote attacker could possibly use this issue to cause Django to consume memory, leading to a denial of service...

7.5 CVSS · 6.9 AI score · 0.05085 EPSS
Exploits 0 · References 2

OSV
added 2023/02/01 10:0 a.m. · 0 views

UBUNTU-CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5 CVSS · 6.8 AI score · 0.05085 EPSS
Exploits 0 · References 5

UbuntuCve
added 2023/02/01 10:0 a.m. · 26 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5 CVSS · 6.8 AI score · 0.05085 EPSS
Exploits 0 · References 4

Vulnrichment
added 2023/02/01 12:0 a.m. · 3 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.4 AI score · 0.05085 EPSS
Exploits 0 · References 7

FreeBSD
added 2023/02/01 12:0 a.m. · 30 views

Django -- multiple vulnerabilities

Django reports: CVE-2023-23969: Potential denial-of-service via Accept-Language headers...

7.5 CVSS · 7.7 AI score · 0.05085 EPSS
Exploits 0 · References 1

Tenable Nessus
added 2023/02/01 12:0 a.m. · 16 views

Ubuntu 16.04 ESM : Django vulnerability (USN-5837-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5837-2 advisory. USN-5837-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...

7.5 CVSS · 7 AI score · 0.05085 EPSS
Exploits 0 · References 2

CNNVD
added 2023/02/01 12:0 a.m. · 1 views

Django security vulnerability

Django is an open source Web application framework from the Django Foundation, based on the Python language. The framework includes an object-oriented mapper, view system, template system and so on. A security vulnerability exists in Django version 3.2 up to and including version 3.2.17, version...

7.5 CVSS · 6.8 AI score · 0.05085 EPSS
Exploits 0 · References 12

Debian CVE
added 2023/02/01 12:0 a.m. · 34 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.5 CVSS · 7 AI score · 0.05085 EPSS
Exploits 0

Positive Technologies
added 2023/02/01 12:0 a.m. · 4 views

PT-2023-1350 · Django +6 · Django +6

Name of the Vulnerable Software and Affected Versions: Django versions 3.2 through 3.2.16 Django versions 4.0 through 4.0.8 Django versions 4.1 through 4.1.5 Description: The issue is related to the handling of the Accept-Language header in Django, which can lead to excessive memory usage and a...

9.8 CVSS · 6.2 AI score · 0.92834 EPSS
Exploits 30 · References 153

Cvelist
added 2023/02/01 12:0 a.m. · 22 views

CVE-2023-23969

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very larg...

7.7 AI score · 0.05085 EPSS
Exploits 0 · References 7

Patchstack
added 2023/01/17 12:0 a.m. · 11 views

WordPress Easy Accept Payments Plugin < 4.9.10 is vulnerable to Cross Site Scripting (XSS)

Software Easy Accept Payments Type Plugin Vulnerable versions 4.9.10 Fixed in 4.9.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0275 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 334f1469f03f Credits Lana Codes...

5.4 CVSS · 5.6 AI score · 0.00296 EPSS
Exploits 2 · References 4 · Affected Software 1

OSV
added 2022/12/30 9:15 p.m. · 18 views

CVE-2017-20154

A vulnerability was found in ghostlander Phoenixcoin. It has been classified as problematic. Affected is the function CTxMemPool::accept of the file src/main.cpp. The manipulation leads to denial of service. Upgrading to version 0.6.6.1-pxc is able to address this issue. The name of the patch is...

7.5 CVSS · 6.9 AI score · 0.00462 EPSS
Exploits 0 · References 4

Prion
added 2022/12/30 9:15 p.m. · 12 views

Security feature bypass

A vulnerability was found in ghostlander Phoenixcoin. It has been classified as problematic. Affected is the function CTxMemPool::accept of the file src/main.cpp. The manipulation leads to denial of service. Upgrading to version 0.6.6.1-pxc is able to address this issue. The name of the patch is...

5 CVSS · 7.5 AI score · 0.00462 EPSS
Exploits 0 · References 4 · Affected Software 1

CVE
added 2022/12/30 8:40 p.m. · 62 views

CVE-2017-20154

The CVE-2017-20154 issue affects Ghostlander Phoenixcoin (src/main.cpp) in the CTxMemPool::accept function. The vulnerability allows denial of service due to a manipulation in the mempool acceptance logic. Affected versions are prior to 0.6.6.1-pxc; upgrading to 0.6.6.1-pxc addresses the issue (p...

7.5 CVSS · 5.6 AI score · 0.00462 EPSS
Exploits 0 · References 4 · Affected Software 1

Positive Technologies
added 2022/12/30 12:0 a.m. · 2 views

PT-2022-8019 · Unknown · Phoenixcoin

Name of the Vulnerable Software and Affected Versions: Phoenixcoin versions prior to 0.6.6.1-pxc Description: A problematic issue was found in the function CTxMemPool::accept of the file src/main.cpp, which can lead to denial of service. Recommendations: For versions prior to 0.6.6.1-pxc, upgrade...

7.5 CVSS · 7 AI score · 0.00462 EPSS
Exploits 0 · References 6

OSV
added 2022/12/08 2:26 a.m. · 10 views

GSD-2022-1007712 io_uring: fix multishot accept request leaks

io_uring: fix multishot accept request leaks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.10 by commit...

7.2 AI score
Exploits 0

Positive Technologies
added 2022/12/08 12:0 a.m. · 1 views

PT-2022-35967 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to a potential security vulnerability in the io_uring subsystem, specifically with multishot accept request leaks. The actual impact and attack plausibility have not yet...

7.2 AI score
Exploits 0 · References 1

RedHat Linux
added 2022/11/15 1:20 p.m. · 1 views

golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension

A flaw was found in golang.org. In x/text, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension...

7.5 CVSS · 7.1 AI score · 0.00138 EPSS
Exploits 1 · References 4

Positive Technologies
added 2022/11/14 12:0 a.m. · 1 views

PT-2022-35210 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.17 through v5.15.76 Description: A null pointer dereference issue was discovered in the tipc topsrv accept function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kerne...

7.2 AI score
Exploits 0 · References 1

Positive Technologies
added 2022/11/14 12:0 a.m. · 1 views

PT-2022-35603 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.223 Description: A null pointer dereference issue was found in the tipc topsrv accept function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...

7.2 AI score
Exploits 0 · References 1