23 matches found
PT-2025-48749
Name of the Vulnerable Software and Affected Versions: long2ice asyncmy versions through 0.2.10. Description: A SQL injection issue exists in long2ice asyncmy. Attackers can execute arbitrary SQL commands by using specially crafted dictionary keys. Recommendations: At the moment, there is no...
SUSE CVE-2025-64459
An issue was discovered in Django 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. The methods QuerySet.filter, QuerySet.exclude, and QuerySet.get, and the class Q, are subject to SQL injection when using a suitably crafted dictionary, with dictionary expansion, as the connector argument...
EUVD-2022-0088
Malicious code in bioql PyPI...
EUVD-2022-0087
Malicious code in bioql PyPI...
EUVD-2025-26641
Malicious code in bioql PyPI...
Django SQL injection vulnerability
Django is an open source web application framework based on the Python language, from the Django Foundation. The framework includes an object-oriented mapper, a view system, a template system, and more. A SQL injection vulnerability exists in Django version 4.2 up to and including 4.2.25, version 5....
FreeBSD : goldendict -- dangerous method exposed (4ccd6222-9c83-11f0-a337-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the 4ccd6222-9c83-11f0-a337-b42e991fc52e advisory. [email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading a...
Linux Distros Unpatched Vulnerability : CVE-2025-53964
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for a...
SUSE CVE-2025-53964
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
UBUNTU-CVE-2025-53964
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
CVE-2025-53964
GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
CVE-2025-53964
Removed by vendor...
goldendict -- dangerous method exposed
[email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading and modifying files when a user adds a crafted dictionary and then searches for any term included in that dictionary...
Exploit for SQL Injection in Djangoproject Django
CVE-2022-28346 A flaw was found in the Django package, which l...
SUSE CVE-2012-1132
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary data in a Type 1 font...
SUSE CVE-2018-16982
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file...
Django: SQL injection via QuerySet.explain(options) on PostgreSQL
A flaw was found in the Django package, leading to a SQL injection. This flaw allows an attacker using a crafted dictionary containing malicious SQL queries to compromise the database completely...
SQL Injection in Django
A SQL injection issue was discovered in QuerySet.explain in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary with dictionary expansion as the options argument, and placing the injection payload in an option name...
CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate, aggregate, and extra methods are subject to SQL injection in column aliases via a crafted dictionary with dictionary expansion as the passed kwargs...
UBUNTU-CVE-2018-16982
Open Chinese Convert (OpenCC) 1.0.5 allows attackers to cause a denial of service (segmentation fault) because BinaryDict::NewFromFile in BinaryDict.cpp may have out-of-bounds keyOffset and valueOffset values via a crafted .ocd file...