Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-42005

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL...

9.8CVSS7AI score0.01227EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2024:2816-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.01258EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2024/11/06 12:0 a.m.25 views

RHEL 8 / 9 : Satellite 6.16.0 (Critical) (RHSA-2024:8906)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8906 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessit...

9.8CVSS6.9AI score0.28637EPSS
Exploits4References277
RedHat Linux
RedHat Linux
added 2024/11/05 5:49 p.m.282 views

Critical: Red Hat Security Advisory: Satellite 6.16.0 release

A new release is now available for Red Hat Satellite 6.16 for RHEL 8 and 9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

9.8CVSS6.8AI score0.28637EPSS
Exploits4References262
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/23 4:44 p.m.29 views

Security Bulletin: Denial of service and SQL injection might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable and can result in data confidentiality and service availabilty issues. The vulnerabilities have been addressed. CVE-2024-38325, CVE-2024-41990, CVE-2024-41989, CVE-2024-42005, CVE-2024-42005, CVE-2024-41991, CVE-2024-38324...

9.8CVSS7.7AI score0.01258EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2024/09/05 2:13 p.m.53 views

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.7AI score0.28637EPSS
Exploits2References13
Hacker One
Hacker One
added 2024/08/08 10:41 a.m.81 views

Internet Bug Bounty: CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()

CVE-2024-42005: Potential SQL injection in QuerySet.values and valueslist A vulnerability was discovered in Django where the QuerySet.values and valueslist methods on models with a JSONField were subject to SQL injection in column aliases via a crafted JSON object key as a passed argument...

9.8CVSS7.5AI score0.01227EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/08 12:0 a.m.26 views

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2024:2816-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2816-1 advisory. - CVE-2024-42005: Fixed SQL injection in QuerySet.values and valueslist bsc1228629 - CVE-2024-41989: Fixed Memory exhaustion in...

9.8CVSS7.3AI score0.01258EPSS
Exploits0References13
vulnersOsv
vulnersOsv
added 2024/08/07 3:30 p.m.5 views

aldryn-django (=4.2.10.0), am-report (=0.1.5) +81 more potentially affected by CVE-2024-42005 via django (>=4.2.0 <=4.2.14)

django PYPI version =4.2.0, =7.5.1, =0.0.1, =0.4.0, =5.2.0, =0.5.1, =0.12.2, =3.1.0, =7.2.2, =39.1.0, =39.1.4 and more Source cves: CVE-2024-42005 Source advisory: OSV:GHSA-PV4P-CWWG-4RPH...

9.8CVSS6.8AI score0.01227EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/08/07 3:15 p.m.3 views

11x-wagtail-blog (>=0.0.0 <=0.2.0), aldryn-django (>=5.0.2.0 <=5.0.11.0) +239 more potentially affected by CVE-2024-42005 via django (>=5.0.0 <=5.0.7)

django PYPI version =5.0.0, =0.0.0, =5.0.2.0, =0.0.15, =1.14.3, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =0.1.0, =0.2.5 and more Source cves: CVE-2024-42005 Source advisory: OSV:PYSEC-2024-70...

9.8CVSS6.8AI score0.01227EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/07 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-6946-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.01258EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/08/07 12:0 a.m.19 views

Django 4.x < 4.2.15, 5.x < 5.0.8 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

9.8CVSS7.7AI score0.01258EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2024/08/07 12:0 a.m.17 views

CVE-2024-42005

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. QuerySet.values and valueslist methods on models with a JSONField are subject to SQL injection in column aliases via a crafted JSON object key as a passed arg...

9.8CVSS7.8AI score0.01227EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/07 12:0 a.m.27 views

Django 4.x < 4.2.15, 5.x < 5.0.8 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

9.8CVSS7.7AI score0.01258EPSS
Exploits0References1
Rows per page
Query Builder