154 matches found

PyPA
added 2025/11/05 3:15 p.m., 10 views

PYSEC-2025-107

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence, django.http.HttpResponseRedirect, django.http.HttpResponsePermanentRedirect, and the shortcut django.shortcuts.redirect were subject to a...

7.5 CVSS, 7.3 AI score, 0.01903 EPSS
Exploits 1, References 4, Affected Software 1
OSV
added 2025/11/05 3:15 p.m., 4 views

PYSEC-2025-107

An issue was discovered in 5.1 before 5.1.14, 4.2 before 4.2.26, and 5.2 before 5.2.8. NFKC normalization in Python is slow on Windows. As a consequence, django.http.HttpResponseRedirect, django.http.HttpResponsePermanentRedirect, and the shortcut django.shortcuts.redirect were subject to a...

7.5 CVSS, 7.3 AI score, 0.01903 EPSS
Exploits 1, References 4
Positive Technologies
added 2025/10/23 12:0 a.m., 4 views

PT-2025-43461

Name of the Vulnerable Software and Affected Versions: affected versions not specified. Description: A flaw exists where a file path filter designed to restrict access to sensitive directories can be bypassed due to incorrect unicode normalization. This could allow a local user to gain elevated...

7.8 CVSS, 6.1 AI score, 0.0011 EPSS
Exploits 0, References 7
RustSec
added 2025/10/18 12:0 p.m., 8 views

`unic-normal` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu_normalizer - unicode-normalization...

7 AI score
Exploits 0
RustSec
added 2025/10/18 12:0 p.m., 7 views

`unic-ucd-hangul` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu_normalizer - unicode-normalization...

7 AI score
Exploits 0
OSV
added 2025/10/18 12:0 p.m., 5 views

RUSTSEC-2025-0082 `unic-normal` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu_normalizer - unicode-normalization...

7 AI score
Exploits 0, References 3
OSV
added 2025/10/18 12:0 p.m., 4 views

RUSTSEC-2025-0079 `unic-ucd-hangul` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu_normalizer - unicode-normalization...

7 AI score
Exploits 0, References 3
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2024-1840

Malicious code in bioql PyPI...

6.1 CVSS, 6.2 AI score, 0.00551 EPSS
Exploits 0, References 3
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2024-40034

Malicious code in bioql PyPI...

7.3 CVSS, 8.1 AI score, 0.00708 EPSS
Exploits 0, References 4
EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2023-3316

Malicious code in bioql PyPI...

5.3 CVSS, 5.4 AI score, 0.00522 EPSS
Exploits 1, References 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-41464

Malicious code in bioql PyPI...

7.5 CVSS, 6.5 AI score, 0.0078 EPSS
Exploits 1, References 3
Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2024-34078

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - html-sanitizer is an allowlist-based HTML cleaner. If using keep_typographic_whitespace=False which is the default, the sanitizer normalizes unicode to the NFKC...

6.1 CVSS, 6.2 AI score, 0.00551 EPSS
Exploits 0, References 2
Tenable Nessus
added 2025/08/20 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-37712

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The npm package tar aka node-tar before versions 4.4.18, 5.0.10, and 6.1.9 has an arbitrary file creation/overwrite and arbitrary code execution vulnerability...

8.6 CVSS, 7.2 AI score, 0.0185 EPSS
Exploits 0, References 2
GithubExploit
added 2025/07/14 1:44 a.m., 389 views

Exploit for CVE-2025-52488

DNN Unicode Path Normalization NTLM Hash Disclosure Exploit C...

8.6 CVSS, 7.5 AI score, 0.29345 EPSS
Exploits 1
RedhatCVE
added 2025/05/23 10:32 a.m., 7 views

CVE-2024-45412

Yeti bridges the gap between CTI and DFIR practitioners by providing a Forensics Intelligence platform and pipeline. Remote user-controlled data tags can reach a Unicode normalization with a compatibility form NFKD. Under Windows, such normalization is costly in resources and may lead to denial o...

7.5 CVSS, 6.9 AI score, 0.0078 EPSS
Exploits 1
RedhatCVE
added 2025/05/23 6:32 a.m., 8 views

CVE-2024-43093

In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User...

7.3 CVSS, 8 AI score, 0.00708 EPSS
Exploits 0, References 1
RedhatCVE
added 2025/05/23 5:14 a.m., 6 views

CVE-2023-41889

SHIRASAGI is a Content Management System. Prior to version 1.18.0, SHIRASAGI is vulnerable to a Post-Unicode normalization issue. This happens when a logical validation or a security check is performed before a Unicode normalization. The Unicode character equivalent of a character would resurface...

5.3 CVSS, 6.9 AI score, 0.00581 EPSS
Exploits 1, References 1
RedhatCVE
added 2025/05/23 4:19 a.m., 5 views

CVE-2023-42183

lockss-daemon aka Classic LOCKSS Daemon before 1.77.3 performs post-Unicode normalization, which may allow bypass of intended access restrictions, such as when U+1FEF is converted to a backtick...

5.3 CVSS, 6.9 AI score, 0.00572 EPSS
Exploits 1
Fedora
added 2025/04/21 4:47 p.m., 13 views

[SECURITY] Fedora 41 Update: rust-icu_normalizer-1.5.0-2.fc41

API for normalizing text into Unicode Normalization Forms...

7.4 AI score
Exploits 0
Fedora
added 2025/04/21 1:41 a.m., 9 views

[SECURITY] Fedora 40 Update: rust-icu_normalizer-1.5.0-2.fc40

API for normalizing text into Unicode Normalization Forms...

7.4 AI score
Exploits 0