CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в pypy

Python versions 2.7.x through 2.7.16, and 3.x through 3.7.2 are affected by improper handling of Unicode encoding with an incorrect netloc during NFKC normalization. The impact is information disclosure—credentials, cookies, etc., that are cached against a given hostname. The affected components...

9.8CVSS6.7AI score0.08764EPSS

Exploits0References2

Tenable Nessus•added 2026/03/06 12:0 a.m.•3 views

NewStart CGSL MAIN 6.06 (SP) : glibc Multiple Vulnerabilities (NS-SA-2026-0027)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has glibc packages installed that are affected by multiple vulnerabilities: - The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed...

9.8CVSS6.7AI score0.41417EPSS

Exploits28References49

NVD•added 2026/03/03 3:16 p.m.•6 views

CVE-2026-25673

An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. URLField.topython in Django calls urllib.parse.urlsplit, which performs NFKC normalization on Windows that is disproportionately slow for certain Unicode characters, allowing a remote attacker to cause denial o...

7.5CVSS0.0024EPSS

Exploits0References3

Debian CVE•added 2026/03/03 2:28 p.m.•4 views

CVE-2026-25673

7.5CVSS5.4AI score0.0024EPSS

Exploits0

OSV•added 2025/11/14 12:39 p.m.•4 views

OESA-2025-2680 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence,...

9.1CVSS7.9AI score0.00296EPSS

Exploits11References3

OSV•added 2025/11/14 12:39 p.m.•6 views

OESA-2025-2679 python-django security update

9.1CVSS7.8AI score0.00296EPSS

Exploits11References3

OSV•added 2025/11/14 12:39 p.m.•4 views

OESA-2025-2677 python-django security update

9.1CVSS7.9AI score0.00296EPSS

Exploits11References3

RedhatCVE•added 2025/11/07 10:39 p.m.•3 views

CVE-2025-64458

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence, django.http.HttpResponseRedirect, django.http.HttpResponsePermanentRedirect, and the shortcut django.shortcuts.redirect were subject to a...

7.5CVSS6.5AI score0.00026EPSS

Exploits1References7

SUSE CVE•added 2025/11/07 12:23 a.m.•4 views

SUSE CVE-2025-64458

7.5CVSS6.9AI score0.00026EPSS

Exploits1References3

OSV•added 2025/11/05 3:31 p.m.•0 views

GHSA-QW25-V68C-QJF3 Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows

7.5CVSS5.8AI score0.00026EPSS

Exploits1References10

Github Security Blog•added 2025/11/05 3:31 p.m.•10 views

Django has a denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows

7.5CVSS6.9AI score0.00026EPSS

Exploits1References10Affected Software1

NVD•added 2025/11/05 3:15 p.m.•6 views

CVE-2025-64458

7.5CVSS0.00026EPSS

Exploits1References3

Vulnrichment•added 2025/11/05 3:7 p.m.•4 views

CVE-2025-64458 Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows

6.5AI score0.00026EPSS

Exploits1References3

Cvelist•added 2025/11/05 3:7 p.m.•12 views

CVE-2025-64458 Potential denial-of-service vulnerability in HttpResponseRedirect and HttpResponsePermanentRedirect on Windows

0.00026EPSS

Exploits1References3

CVE•added 2025/11/05 3:7 p.m.•22 views

CVE-2025-64458

CVE-2025-64458 is a Django IIS/Windows-specific DoS caused by slow NFKC normalization in Python, affecting HttpResponseRedirect, HttpResponsePermanentRedirect, and django.shortcuts.redirect. Affected Django releases: 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. IBM and EU/PC bullet...

7.5CVSS6.5AI score0.00026EPSS

Exploits1References3Affected Software1

Tenable Nessus•added 2025/09/30 12:0 a.m.•2 views

NewStart CGSL MAIN 6.06 : glibc Multiple Vulnerabilities (NS-SA-2025-0229)

The remote NewStart CGSL host, running version MAIN 6.06, has glibc packages installed that are affected by multiple vulnerabilities: - The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed...

9.8CVSS6.6AI score0.41417EPSS

Exploits28References49

SUSE CVE•added 2025/04/05 2:24 a.m.•3 views

SUSE CVE-2025-27556

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.setlanguage are subject to a potential denial-of-service attack v...

5.8CVSS6.9AI score0.00011EPSS

Exploits1References4

Github Security Blog•added 2025/04/02 3:31 p.m.•27 views

Django Potential Denial of Service (DoS) on Windows

7.5CVSS7AI score0.00011EPSS

Exploits1References11Affected Software1

Snyk•added 2025/04/02 3:31 p.m.•4 views

Allocation of Resources Without Limits or Throttling

Overview Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView...

7.5CVSS5.7AI score0.00011EPSS

Exploits1References2

NVD•added 2025/04/02 1:15 p.m.•16 views

CVE-2025-27556

7.5CVSS0.00011EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by