7 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 6 views

Astra Linux – Vulnerability in Python-Django

In Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1, directory traversal is allowed if the filenames are passed to it directly...

CVSS 5.3 | AI score 6.6 | EPSS 0.02388
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/07 12:00 a.m. | 2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-000161)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000161 advisory. Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it. Tenable...

CVSS 5.3 | AI score 6.6 | EPSS 0.02388
Exploits: 0 | References: 4

CVE
added 2025/12/05 1:55 a.m. | 9 views

CVE-2025-11759

CVE-2025-11759 affects the WordPress plugin “Backup, Restore and Migrate your sites with XCloner” (versions up to and including 4.8.2). The issue is a Cross-Site Request Forgery (CSRF) due to missing/incorrect nonce validation in the Xcloner_Remote_Storage:save() function, enabling unauthenticate...

CVSS 4.3 | AI score 4.9 | EPSS 0.00102
Exploits: 0 | References: 2

RedHat Linux
added 2024/11/05 5:49 p.m. | 2 views

python-django: Potential directory-traversal in django.core.files.storage.Storage.save()

A vulnerability was found in Python-Django in the derived classes of the django.core.files.storage.Storage base class that override generate_filename without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs...

CVSS 4.3 | AI score 7 | EPSS 0.01008
Exploits: 0 | References: 4

BDU FSTEC
added 2022/01/25 12:00 a.m. | 2 views

The vulnerability of the Storage.save() function in the Django web application framework allows an attacker to access confidential information.

The vulnerability of the Storage.save function in the Django web framework relates to an improper restriction on the path name, which is limited to a directory. Exploiting this vulnerability could allow a malicious actor to access confidential information by sending a specially crafted HTTP file ...

CVSS 5.3 | AI score 6.6 | EPSS 0.02388
Exploits: 0 | References: 9 | Affected Software: 4

OSV
added 2022/01/04 10:00 a.m. | 1 views

UBUNTU-CVE-2021-45452

Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it...

CVSS 5.3 | AI score 7.1 | EPSS 0.02388
Exploits: 0 | References: 3

FreeBSD
added 2021/12/20 12:00 a.m. | 30 views

Django -- multiple vulnerabilities

Django Release reports: CVE-2021-45115: Denial-of-service possibility in UserAttributeSimilarityValidator. CVE-2021-45116: Potential information disclosure in dictsort template filter. CVE-2021-45452: Potential directory-traversal via Storage.save...

CVSS 7.5 | AI score 2.4 | EPSS 0.02397
Exploits: 0 | References: 1