Lucene search
+L

20 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/03/12 9:43 p.m.9 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Django-4.2.15-py3-none-any.whl CVE-2024-45231. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-45231 DESCRIPTION: Django could allow a remote attacker to obtai...

9.8CVSS7.5AI score0.25782EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/24 11:37 p.m.21 views

Security Bulletin: Denial of service, SQL injection, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, SQL injection, and others. The vulnerabilities have been addressed. CVE-2023-52425, CVE-2024-53908, CVE-2024-53907, CVE-2023-52426, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626,...

9.8CVSS9.2AI score0.18087EPSS
Exploits21Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/12 12:0 a.m.4 views

python310-Django-5.1.4-1.1 on GA media (moderate)

python310-Django-5.1.4-1.1 on GA media Announcement ID: openSUSE-SU-2024:14568-1 Rating: moderate Cross-References: CVE-2024-53907 CVE-2024-53908 CVSS scores: CVE-2024-53907 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53908 SUSE : 9.1...

9.1CVSS9.3AI score0.01424EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/12/12 12:0 a.m.20 views

openSUSE Security Advisory (SUSE-SU-2024:4285-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.01424EPSS
Exploits0References5
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/10 12:0 a.m.5 views

python310-Django4-4.2.17-1.1 on GA media (moderate)

python310-Django4-4.2.17-1.1 on GA media Announcement ID: openSUSE-SU-2024:14565-1 Rating: moderate Cross-References: CVE-2024-53907 CVE-2024-53908 CVSS scores: CVE-2024-53907 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2024-53908 SUSE : 9.1...

9.1CVSS9.3AI score0.01424EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/12/09 12:0 a.m.29 views

Django 4.x < 4.2.17, 5.0.x < 5.0.10, 5.1.x < 5.1.4 Multiple Vulnerabilities - Windows

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

9.8CVSS7.3AI score0.01424EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/12/09 12:0 a.m.25 views

Django 4.x < 4.2.17, 5.0.x < 5.0.10, 5.1.x < 5.1.4 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

9.8CVSS7.3AI score0.01424EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/12/06 12:30 p.m.5 views

artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)

django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: OSV:GHSA-M9G8-FXXM-XG86...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/12/06 12:30 p.m.6 views

aldryn-django (=4.2.10.0), alertwise (=1.0.0) +93 more potentially affected by CVE-2024-53908 via django (>=4.2.0 <=4.2.16)

django PYPI version =4.2.0, =65.10.0, =7.5.1, =1.0.2, =0.0.1, =0.4.0, =4.16.2, =4.8.0, =8.0.0, =5.2.0, =5.2.2 - cpu-utilization-monitoring =0.1.3 and more Source cves: CVE-2024-53908 Source advisory: OSV:GHSA-M9G8-FXXM-XG86...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/12/06 12:15 p.m.3 views

artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)

django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: OSV:PYSEC-2024-157...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
Chainguard
Chainguard
added 2024/12/06 12:15 p.m.20 views

CVE-2024-53908 vulnerabilities

Vulnerabilities for packages: awx, py3-django...

9.8CVSS6.5AI score0.01424EPSS
Exploits0
Wolfi
Wolfi
added 2024/12/06 12:15 p.m.22 views

CVE-2024-53908 vulnerabilities

Vulnerabilities for packages: py3-django...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/12/06 3:49 a.m.3 views

SUSE CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

9.1CVSS8AI score0.01424EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/06 12:0 a.m.35 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

0.01424EPSS
Exploits0References3
CVE
CVE
added 2024/12/06 12:0 a.m.486 views

CVE-2024-53908

Django vulnerability CVE-2024-53908 affects Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The issue arises from direct usage of the django.db.models.fields.json.HasKey lookup when an Oracle database is used, allowing SQL injection if untrusted data is supplied as the left-han...

9.8CVSS7.5AI score0.01424EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/06 12:0 a.m.16 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

7.5AI score0.01424EPSS
Exploits0References3
OSV
OSV
added 2024/12/04 8:8 p.m.4 views

USN-7136-2 python-django vulnerability

USN-7136-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: jiangniao discovered that Django incorrectly handled the API to strip tags. A remote attacker could possibly use this issue to cause Djan...

7.5CVSS7.3AI score0.01398EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/12/04 3:0 p.m.13 views

CVE-2024-53908

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. Direct usage of the django.db.models.fields.json.HasKey lookup, when an Oracle database is used, is subject to SQL injection if untrusted data is used as an lhs value. Applications that use the...

9.8CVSS7.2AI score0.01424EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/12/04 12:0 a.m.3 views

artd-customer (>=0.0.20 <=0.0.23), artd-location (>=0.0.13 <=0.0.21) +62 more potentially affected by CVE-2024-53908 via django (>=5.0.0 <=5.0.1)

django PYPI version =5.0.0, =0.0.20, =0.0.13, =0.0.19, =0.0.34, =0.0.50, =0.0.5, =0.0.11, =1.0.3, =1.0.0, =6.0.0, =2.8.1, =0.3.0, =24.1.1, =24.2.0 and more Source cves: CVE-2024-53908 Source advisory: SNYK:PYTHON-DJANGO-8456316...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/12/04 12:0 a.m.3 views

aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +490 more potentially affected by CVE-2024-53908 via django (>=4.0.0 <=4.2.16)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2024-53908 Source advisory: SNYK:PYTHON-DJANGO-8456316...

9.8CVSS7.1AI score0.01424EPSS
Exploits0
Rows per page
Query Builder