CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...

7.1CVSS6AI score0.00592EPSS

Exploits0References9

PyPA•added 2025/10/01 7:15 p.m.•9 views

PYSEC-2025-106

9.8CVSS7.2AI score0.00592EPSS

Exploits0References5Affected Software1

OSV•added 2025/10/01 2:0 p.m.•0 views

UBUNTU-CVE-2025-59681

9.8CVSS7.2AI score0.00592EPSS

Exploits0References3

AlpineLinux•added 2025/10/01 12:0 a.m.•6 views

CVE-2025-59681

9.8CVSS8AI score0.00592EPSS

Exploits0

Cvelist•added 2025/10/01 12:0 a.m.•9 views

CVE-2025-59681

7.1CVSS0.00592EPSS

Exploits0References3

Vulnrichment•added 2025/10/01 12:0 a.m.•2 views

CVE-2025-59681

7.1CVSS7.5AI score0.00592EPSS

Exploits0References3

OSV•added 2025/09/26 1:9 p.m.•6 views

OESA-2025-2354 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted...

8.1CVSS8AI score0.15602EPSS

Exploits4References2

Redos•added 2025/09/24 12:0 a.m.•6 views

ROS-20250924-06

A vulnerability in the Django web application software platform is related to insufficient cleanup of the user data in FilteredRelation column aliases. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary SQL queries in the database A vulnerability in the...

8.1CVSS8.1AI score0.15602EPSS

Exploits4

OSV•added 2025/09/18 1:33 p.m.•2 views

CVE-2023-53383 irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4

In the Linux kernel, the following vulnerability has been resolved: irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4 The T241 platform suffers from the T241-FABRIC-4 erratum which causes unexpected behavior in the GIC when multiple transactions are received simultaneously from different...

5.5CVSS6.7AI score0.00134EPSS

Exploits0References6

SUSE CVE•added 2025/09/16 11:30 p.m.•5 views

SUSE CVE-2023-53294

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix null-ptr-deref on inode-iop in ntfslookup Syzbot reported a null-ptr-deref bug: ntfs3: loop0: Different NTFS' sector size 1024 and media sector size 512 ntfs3: loop0: Mark volume as dirty due to NTFS errors general...

5.5CVSS6.5AI score0.00135EPSS

Exploits0References3

NVD•added 2025/09/16 8:15 a.m.•5 views

CVE-2023-53294

5.5CVSS0.00135EPSS

Exploits0References5

Debian•added 2025/09/15 11:42 p.m.•9 views

[SECURITY] [DLA 4301-1] python-django security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4301-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb September 15, 2025 https://wiki.debian.org/LTS -...

8.1CVSS7.8AI score0.15602EPSS

Exploits4

F5 Networks•added 2025/09/15 1:5 a.m.•6 views

K000154686: Intel Xeon processors vulnerability CVE-2025-24305

Security Advisory Description Insufficient control flow management in the Alias Checking Trusted Module ACTM firmware for some IntelR XeonR processors may allow a privileged user to potentially enable escalation of privilege via local access. CVE-2025-24305 Impact There is no impact; F5 products...

7.2CVSS6.7AI score0.00134EPSS

Exploits0

OSV•added 2025/09/12 2:24 p.m.•5 views

OESA-2025-2237 python-django security update

8.1CVSS8AI score0.15602EPSS

Exploits4References2

OSV•added 2025/09/12 2:24 p.m.•6 views

OESA-2025-2236 python-django security update

8.1CVSS8AI score0.15602EPSS

Exploits4References2

Rows per page