30 matches found
EUVD-2019-18802
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-25045
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping. CVE-2018-2504...
CVE-2025-48381 CVAT has information disclosure via browsable API
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality...
SUSE CVE-2014-7905
Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where an intent for the URL lacks CATEGORY_BROWSABLE, which allows remote attackers to bypass intended access restrictions via a crafted web site...
SUSE CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
GHSA-XQCF-HJ92-967M Django REST framework XSS Vulnerability
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
Django REST framework XSS Vulnerability
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
DEBIAN-CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
UBUNTU-CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
Cross site scripting
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
CVE-2018-25045
Django REST framework aka django-rest-framework before 3.9.1 allows XSS because the default DRF Browsable API view templates disable autoescaping...
Django Cross-Site Scripting Vulnerability
Django is an open source Web application framework from the Django Foundation, based on the Python language. The framework includes an object-oriented mapper, view system, template system, and more. A security vulnerability exists in Django REST framework versions prior to 3.9.1 that stems from...
Android apps with millions of downloads exposed to high-severity vulnerabilities
Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote albeit complex or local attacks. The vulnerabilities, which affected apps...
CVE-2021-0927
In requestChannelBrowsable of TvInputManagerService.java, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...
GHSA-57H7-R3Q3-W57J Cross-Site Scripting
Django-Rest-Framework, before 3.9.1, has an XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates...
Cross-Site Scripting
Django-Rest-Framework, before 3.9.1, has an XSS vulnerability caused by disabled autoescaping in the default DRF Browsable API view templates...