Lucene search
K

24 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.24 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7915: fixed the possible NULL pointer dereferencing in mt7915macfillrxvector. Fixed the possible NULL pointer dereferencing in mt7915macfillrxvector if the chip does not support dbdc and the hardware reports bandidx se...

5.5CVSS6.3AI score0.0021EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/07 5:9 p.m.14 views

Django: Django: SQL Injection via RasterField band index parameter

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS7.3AI score0.09436EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/26 8:30 p.m.9 views

Django: Django: SQL Injection via RasterField band index parameter

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS7.4AI score0.09436EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/26 8:28 p.m.7 views

Django: Django: SQL Injection via RasterField band index parameter

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS7.4AI score0.09436EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/06 4:36 p.m.6 views

Django: Django: SQL Injection via RasterField band index parameter

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS5.9AI score0.09436EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2026/03/06 11:0 a.m.4 views

Django: Django: SQL Injection via RasterField band index parameter

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS5.9AI score0.09436EPSS
Exploits1References7
VulnCheck KEV
VulnCheck KEV
added 2026/02/26 12:0 a.m.26 views

VulnCheck KEV: CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

5.4CVSS5.9AI score0.09436EPSS
In wildExploits1References3
Veracode
Veracode
added 2026/02/11 8:27 a.m.7 views

SQL Injection

Django is vulnerable to SQL injection. The vulnerability is due to improper sanitization of the band index parameter in RasterField lookups PostGIS backend, allowing remote attackers to inject malicious SQL through crafted raster queries...

8.3CVSS5.8AI score0.09436EPSS
Exploits1References19Affected Software1
OSV
OSV
added 2026/02/05 8:38 a.m.6 views

BIT-DJANGO-2026-1207 Potential SQL injection via raster lookups on PostGIS

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS5.6AI score0.09436EPSS
Exploits1References16
SUSE CVE
SUSE CVE
added 2026/02/05 12:27 a.m.10 views

SUSE CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.1CVSS5.6AI score0.09436EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/03 4:7 p.m.6 views

CVE-2026-1207

A flaw was found in Django. A remote attacker could inject SQL commands by manipulating the band index parameter during raster lookups on RasterField only implemented on PostGIS. This SQL injection vulnerability could lead to unauthorized information disclosure, data alteration, or denial of...

8.3CVSS5.5AI score0.09436EPSS
Exploits1References6
OSV
OSV
added 2026/02/03 3:30 p.m.10 views

GHSA-MWM9-4648-F68Q Django has an SQL Injection issue

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

9.3CVSS6AI score0.09436EPSS
Exploits1References7
AlpineLinux
AlpineLinux
added 2026/02/03 2:35 p.m.7 views

CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS5.7AI score0.09436EPSS
Exploits1
OSV
OSV
added 2026/02/03 2:35 p.m.6 views

CVE-2026-1207 Potential SQL injection via raster lookups on PostGIS

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

5.4CVSS6.9AI score0.09436EPSS
Exploits1References19
EUVD
EUVD
added 2026/02/03 2:35 p.m.5 views

EUVD-2026-5253

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

5.4CVSS5.7AI score0.09436EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:35 p.m.6 views

CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

5.7AI score0.09436EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/02/03 2:35 p.m.51 views

CVE-2026-1207 Potential SQL injection via raster lookups on PostGIS

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

0.09436EPSS
Exploits1References3
CVE
CVE
added 2026/02/03 2:35 p.m.124 views

CVE-2026-1207

CVE-2026-1207 affects Django: vulnerable in Django 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. The issue is in raster lookups on RasterField (PostGIS only) that allows remote SQL injection via the band index parameter. Older unsupported Django series (5.0.x, 4.1.x, 3.2.x) were not...

8.3CVSS5.7AI score0.09436EPSS
In wildExploits1References15Affected Software1
OSV
OSV
added 2026/02/03 2:0 p.m.5 views

UBUNTU-CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.3CVSS7.2AI score0.09436EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/02/26 2:13 a.m.2 views

CVE-2022-49484 mt76: mt7915: fix possible NULL pointer dereference in mt7915_mac_fill_rx_vector

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible NULL pointer dereference in mt7915macfillrxvector Fix possible NULL pointer dereference in mt7915macfillrxvector routine if the chip does not support dbdc and the hw reports bandidx set to 1...

6.4AI score0.0021EPSS
Exploits0References2
Rows per page
Query Builder