PT-2025-40287

Name of the Vulnerable Software and Affected Versions podofo versions 0.10.0 through 0.10.5 Description A heap-use-after-free issue exists in the PdfTokenizer::ReadDictionary function. This allows attackers to potentially cause a Denial of Service DoS by providing a specially crafted PDF file...

PT-2025-40290

Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.25 Django versions 5.1 through 5.1.13 Django versions 5.2 through 5.2.7 Description A SQL injection issue exists in Django’s QuerySet methods—specifically annotate, alias, aggregate, and extra—when using a craft...

FreeBSD : goldendict -- dangerous method exposed (4ccd6222-9c83-11f0-a337-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4ccd6222-9c83-11f0-a337-b42e991fc52e advisory. [email protected] reports: GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows reading a...

django: Django SQL injection in FilteredRelation column aliases

An SQL injection flaw has been discovered in the Django web framework. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

Amazon Linux 2 : python-templated-dictionary, --advisory ALAS2MOCK2-2025-001 (ALASMOCK2-2025-001)

It is, therefore, affected by a vulnerability as referenced in the ALAS2MOCK2-2025-001 advisory. The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems...

Medium: python-templated-dictionary

Issue Overview: The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2...

ERPNext 安全漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext version v15.57.5 that stems from insufficient validation of the inventorydimensionsdict parameter, which could lead to an SQL injection attack...

OESA-2025-2237 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted...

OESA-2025-2236 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted...

OESA-2025-2234 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted...

Monai: Unsafe use of Pickle deserialization may lead to RCE

To prevent this report from being deemed inapplicable or out of scope, due to the project's unique nature for medical applications and widespread popularity 6k+ stars, it's important to pay attention to some of the project's inherent security issues. This is because medical professionals may not...

Django is subject to SQL injection through its column aliases

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

Local Root Exploit via Configuration Dictionary

...

PYSEC-2025-105

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

SQL Injection

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to SQL Injection in the FilteredRelation class when a specially crafted dictionary is used with dictionary expansion as the kwargs...

CVE-2025-57833

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

CVE-2025-57833

CVE-2025-57833 affects Django 4.2 (pre-4.2.24), 5.1 (pre-5.1.12), and 5.2 (pre-5.2.6). The vulnerability arises in FilteredRelation where SQL injection can occur via column aliases when a crafted dictionary is expanded through **kwargs passed to QuerySet.annotate() or QuerySet.alias(). The issue ...

CVE-2025-57833

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

CVE-2025-57833

An issue was discovered in Django 4.2 before 4.2.24, 5.1 before 5.1.12, and 5.2 before 5.2.6. FilteredRelation is subject to SQL injection in column aliases, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed QuerySet.annotate or QuerySet.alias...

Linux Distros Unpatched Vulnerability : CVE-2025-9394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the...