EUVD-2025-9536

Malicious code in bioql PyPI...

CVE-2025-27556

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.setlanguage are subject to a potential denial-of-service attack v...

BookWyrm 授权问题漏洞

BookWyrm is a social reading platform. Versions of BookWyrm prior to 0.4.5 suffer from an authorization issue vulnerability that stems from its lack of rate limiting for authentication views, leading to allowing an attacker to perform a brute force cracking attack...

PT-2022-23031 · Bookwyrm · Bookwyrm

Name of the Vulnerable Software and Affected Versions: BookWyrm versions prior to 0.4.5 Description: BookWyrm, a social network for tracking reading, has an issue where versions prior to 0.4.5 lack rate limiting on authentication views. This lack of rate limiting allows for brute-force attacks. T...

Django跨站脚本执行和两个拒绝服务漏洞

BUGTRAQ ID: 54742 CVE ID: CVE-2012-3442,CVE-2012-3443,CVE-2012-3444 Django是Python编程语言驱动的一个开源Web应用程序框架。 Django 1.3和1.4及其他版本在实现上存在两个安全漏洞，可被恶意用户利用执行跨站脚本攻击和拒绝服务。 1）验证框架中的login或logout试图的重定向功能内传递的输入，在重定向到"data:" scheme URL后没有正确过滤就返回给用户。 2）解压图形时，ImageField类中的图形验证中存在错误，可被利用消耗大量内存资源。...