2352 matches found

BDU FSTEC
added 2025/04/30 12:00 a.m., 2 views

Vulnerabilities in the LoginView and LogoutView functions and the set_language() function of the Django web application framework allow an attacker to cause a denial of service.

The vulnerability in the LoginView, LogoutView, and set_language functions of the Django web application framework is related to the allocation of resources without limits. Exploiting this vulnerability could allow a remote attacker to cause a denial of service...

CVSS 5.8, AI score 6.7, EPSS 0.00011
Exploits: 1, References: 5, Affected Software: 1

Amazon
added 2025/04/29 12:00 a.m., 2 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free of encap entry in neigh update handler CVE-2021-47247 In the Linux kernel, the following vulnerability has been resolved: i2c: dev: check return value when calling dev_set_name...

CVSS 7.8, AI score 6.8, EPSS 0.00279
Exploits: 0

OSV
added 2025/04/23 11:15 p.m., 0 views

CVE-2024-22351

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

CVSS 6.3, AI score 5.8, EPSS 0.00096
Exploits: 0, References: 1

Cvelist
added 2025/04/23 10:15 p.m., 13 views

CVE-2024-22351 IBM InfoSphere Information Server session fixation

IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system...

CVSS 6.3, EPSS 0.00096
Exploits: 0, References: 1

CNNVD
added 2025/04/23 12:00 a.m., 2 views

IBM InfoSphere Information Server Code Issue Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. An access control error vulnerability exists in IBM InfoSphere Information Server version 11.7,...

CVSS 6.3, AI score 6.2, EPSS 0.00096
Exploits: 0, References: 1

SUSE CVE
added 2025/04/20 11:25 p.m., 1 view

SUSE CVE-2017-7358

In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out...

CVSS 7.3, AI score 7, EPSS 0.01737
Exploits: 5, References: 3

Packet Storm
added 2025/04/18 12:00 a.m., 241 views

Blood Bank and Donor Management System 2.4 Cross Site Request Forgery

Blood Bank and Donor Management System version 2.4 suffers from a cross site request forgery vulnerability. Exploit Title: Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation Google Dork: N/A Date: 2024-12-26 Exploit Author: Kwangyun Keum Vendor Homepage:...

CVSS 6.9, AI score 4.8, EPSS 0.00152
Exploits: 2

Exploit DB
added 2025/04/17 12:00 a.m., 268 views

Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation

Exploit Title: Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation Google Dork: N/A Date: 2024-12-26 Exploit Author: Kwangyun Keum Vendor Homepage: https://phpgurukul.com/ Software Link: https://phpgurukul.com/blood-bank-donor-management-system/ Version: 2.4 Tested on: Windo...

CVSS 6.9, AI score 7.1, EPSS 0.00152
Exploits: 2

Cvelist
added 2025/04/14 2:53 p.m., 16 views

CVE-2024-49825 IBM Robotic Process Automation session fixation

IBM Robotic Process Automation and Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.20 and 23.0.0 through 23.0.20 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system...

CVSS 6.3, EPSS 0.00093
Exploits: 0, References: 1

OSV
added 2025/04/14 7:15 a.m., 2 views

CVE-2025-30516

Mattermost Mobile Apps versions =2.25.0 fail to terminate sessions during logout under certain conditions e.g. poor connectivity, allowing unauthorized users on shared devices to access sensitive notification content via continued mobile notifications...

CVSS 7.5, AI score 6.8
Exploits: 0, References: 1

CNNVD
added 2025/04/14 12:00 a.m., 2 views

Mattermost Mobile Apps Security Vulnerability

Mattermost Mobile Apps is a messaging mobile application from Mattermost USA. Mattermost Mobile Apps suffers from an information disclosure vulnerability that stems from a failure to properly terminate a session when logging out, which can be exploited by an attacker to disclose sensitive...

CVSS 7.5, AI score 6, EPSS 0.00364
Exploits: 0, References: 2

Tenable Nessus
added 2025/04/10 12:00 a.m., 7 views

Moodle 4.3.x < 4.3.4 Multiple Vulnerabilities

According to its self-reported version, the Moodle install hosted on the remote host is 4.3.x prior to 4.3.4. It is, therefore, affected by multiple vulnerabilities. - Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect...

CVSS 9.8, AI score 7.3, EPSS 0.00808
Exploits: 0, References: 9

Snyk
added 2025/04/02 3:31 p.m., 5 views

Allocation of Resources Without Limits or Throttling

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView...

CVSS 7.5, AI score 5.7, EPSS 0.00011
Exploits: 1, References: 2

OSV
added 2025/04/02 3:31 p.m., 1 view

GHSA-WQFG-M96J-85VM Django Potential Denial of Service (DoS) on Windows

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack v...

CVSS 5.8, AI score 6.8, EPSS 0.00011
Exploits: 1, References: 11

OSV
added 2025/04/02 3:15 p.m., 1 view

CVE-2024-25051

IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system...

CVSS 7.2, AI score 5.8, EPSS 0.00188
Exploits: 0, References: 1

OSV
added 2025/04/02 1:15 p.m., 5 views

CVE-2025-27556

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack v...

CVSS 7.5, AI score 6.9
Exploits: 0, References: 4

PyPA
added 2025/04/02 1:15 p.m., 10 views

PYSEC-2025-14

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack v...

CVSS 5.8, AI score 7, EPSS 0.00011
Exploits: 1, References: 4, Affected Software: 1

OSV
added 2025/04/02 1:15 p.m., 0 views

PYSEC-2025-14

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack v...

CVSS 7.5, AI score 6.8, EPSS 0.00011
Exploits: 1, References: 4

Positive Technologies
added 2025/04/02 12:00 a.m., 5 views

PT-2025-14483

Name of the Vulnerable Software and Affected Versions: Django versions 5.1 before 5.1.8; Django versions 5.0 before 5.0.14. Description: An issue was discovered where the NFKC normalization is slow on Windows, making certain views subject to a potential denial-of-service attack via certain inputs wit...

CVSS 5.8, AI score 5.9, EPSS 0.00011
Exploits: 1, References: 22

CNNVD
added 2025/04/02 12:00 a.m., 1 view

IBM Jazz Reporting Service Code Issue Vulnerability

IBM Jazz Reporting Service is a suite of ready-to-use reporting components from International Business Machines (IBM). The product includes features such as report generation, data collection and lifecycle queries. A code issue vulnerability exists in IBM Jazz Reporting Service that stems from a...

CVSS 7.2, AI score 6.8, EPSS 0.00188
Exploits: 0, References: 2