1169 matches found
Fedora Update for python-django FEDORA-2016-3795497354
The remote host is missing an update for the... SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only
Ubuntu: Security Advisory (USN-3115-1)
The remote host is missing an update for the...
MGASA-2016-0368 Updated python-django packages fix security vulnerabilities
User with hardcoded password created when running tests on Oracle When running tests with an Oracle database, Django creates a temporary database user. In older versions, if a password isn't manually specified in the database settings TEST dictionary, a hardcoded password is used. This could allo...
[ASA-201610-13] python-django: cross-site request forgery
Arch Linux Security Advisory ASA-201610-13. Severity: Medium; Date: 2016-10-21; CVE-ID: CVE-2016-7401; Package: python-django; Type: cross-site request forgery; Remote: Yes; Link: https://wiki.archlinux.org/index.php/CVE. Summary: The package...
Fedora 24 : python-django (2016-5706eeb875)
Security fix for CVE-2016-7401. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Fedora 23 : python-django (2016-3795497354)
Security fix for CVE-2016-7401.
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat OpenStack Platform 9.0 (Mitaka). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
[SECURITY] [DLA DLA-649-1] python-django security update
Package: python-django; Version: 1.4.22-1+deb7u1; CVE ID: CVE-2016-7401. It was discovered that there was a possible CSRF protection bypass on sites that use Google Analytics in python-django, a high-level Python web development framework. More information can be found in the upstream announcemen...
DLA-649-1 python-django - security update
Bulletin has no description...
MGASA-2016-0334 Updated python-django packages fix security vulnerability
CVE-2016-7401: CSRF protection bypass on a site with Google Analytics. An interaction between Google Analytics and Django's cookie parsing could allow an attacker to set arbitrary cookies leading to a bypass of CSRF protection...
Ubuntu: Security Advisory (USN-3089-1)
The remote host is missing an update for the...
Debian DSA-3678-1 : python-django - security update
Sergey Bobrov discovered that cookie parsing in Django and Google Analytics interacted in such a way that an attacker could set arbitrary cookies. This allows other malicious websites to bypass the Cross-Site Request Forgery (CSRF) protections built into Django.
[SECURITY] [DSA 3678-1] python-django security update
Debian Security Advisory DSA-3678-1; https://www.debian.org/security/; Florian Weimer; September 26, 2016; https://www.debian.org/security/faq...
Debian Security Advisory DSA 3678-1 (python-django - security update)
Sergey Bobrov discovered that cookie parsing in Django and Google Analytics interacted in such a way that an attacker could set arbitrary cookies. This allows other malicious web sites to bypass the Cross-Site Request Forgery (CSRF) protections built into Django.
DSA-3678-1 python-django - security update
Bulletin has no description...
Debian: Security Advisory (DSA-3678-1)
The remote host is missing an update for the Debian...
Moderate: Red Hat Security Advisory: python-django security update
An update for python-django is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Debian DLA-590-1 : python-django security update
The release team recently approved rebasing jessie on latest python-django 1.7.x (see #807654). For similar reasons, it makes sense to rebase wheezy on latest 1.4.x, especially since 1.4.x is an LTS version. Django 1.4.22-1 has been uploaded to wheezy-security to address this. NOTE: Tenable Network...
[SECURITY] [DLA 590-1] python-django security update
Package: python-django; Version: 1.4.22-1. The release team recently approved rebasing jessie on latest python-django 1.7.x (see #807654). For similar reasons, it makes sense to rebase wheezy on latest 1.4.x, especially since 1.4.x is an LTS version. Django 1.4.22-1 has been uploaded to...