Updated python-django packages fix a security vulnerability
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...
EUVD-2025-35570
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS. This issue affects Terms Dictionary: from n/a through <= 1.5.1...
CVE-2025-39534
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS. This issue affects Terms Dictionary: from n/a through <= 1.5.1...
CVE-2025-39534
CVE-2025-39534 is a Reflected XSS in the WordPress plugin “Terms Dictionary” (terms-dictionary) affecting versions up to 1.5.1. The issue arises from improper neutralization of input during web page generation, enabling an attacker to inject and execute script in the context of users visiting a c...
CVE-2025-39534 WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS. This issue affects Terms Dictionary: from n/a through <= 1.5.1...
CVE-2025-39534 WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS. This issue affects Terms Dictionary: from n/a through <= 1.5.1...
WordPress plugin terms-dictionary security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-43152
Name of the Vulnerable Software and Affected Versions: Somonator Terms Dictionary versions through 1.5.1. Description: The Somonator Terms Dictionary software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting (XSS) condition...
Linux Distros Unpatched Vulnerability : CVE-2025-11579
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a...
Deserialization Of Untrusted Data
monai is vulnerable to Unsafe Deserialization. The vulnerability is due to the pickleoperations function automatically deserializing dictionary key-value pairs with a specific suffix without any validation. An attacker can supply crafted pickle payloads to execute arbitrary code when those value...
System Password Security: Attack and Defense Mechanisms
System passwords serve as critical credentials for user authentication and access control when logging into operating systems or applications. Upon entering a valid password, users pass verification to access system resources and execute corresponding operations. In recent years, frequent passwor...
rardecode: DoS risk due to unrestricted RAR dictionary sizes
rardecode versions <= 2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
Memory Allocation with Excessive Size Value
Overview: Affected versions of this package are vulnerable to Memory Allocation with Excessive Size Value via the maxDictSize parameter when processing large RAR files. An attacker can cause the application to crash or become unresponsive by supplying a specially crafted RAR archive that triggers...
EUVD-2025-33711
rardecode: DoS risk due to unrestricted RAR dictionary sizes...
GHSA-RWVP-R38J-9RGG rardecode: DoS risk due to unrestricted RAR dictionary sizes
rardecode versions <= 2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
DEBIAN-CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
UBUNTU-CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579 DoS via Out Of Memory Crash
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-11579 DoS via Out Of Memory Crash
github.com/nwaples/rardecode versions <=2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...