
8 matches found

Patchstack
added 2026/03/19 10:16 p.m., 4 views

WordPress Download Manager plugin <= 3.3.49 - Missing Authorization to Authenticated (Subscriber+) User Email Enumeration via 'user' Parameter vulnerability

Missing Authorization to Authenticated Subscriber+ User Email Enumeration via 'user' Parameter vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Plugin Download Manager versions <= 3.3.49...

CVSS 4.3 | AI score 5.8 | EPSS 0.00222
Exploits: 0 | References: 1 | Affected Software: 1
Debian
added 2025/02/05 10:36 a.m., 72 views

[BSA-121] Security Update for python-django

Colin Watson uploaded new packages for python-django which fixed the following security problems: CVE-2024-45230 Potential denial-of-service vulnerability in django.utils.html.urlize. urlize and urlizetrunc were subject to a potential denial-of-service attack via very large inputs with a specific...

CVSS 9.8 | AI score 6.7 | EPSS 0.25327
Exploits: 0
OpenVAS
added 2024/09/07 12:0 a.m., 10 views

openSUSE Security Advisory (SUSE-SU-2024:3161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5 | EPSS 0.25327
Exploits: 0 | References: 5
Tenable Nessus
added 2024/09/07 12:0 a.m., 19 views

SUSE SLES15 / openSUSE 15 Security Update : python-Django (SUSE-SU-2024:3161-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3161-1 advisory. - CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize. bsc1229823 - CVE-2024-45231: Fixed...

CVSS 7.5 | AI score 6 | EPSS 0.25327
Exploits: 0 | References: 7
OpenVAS
added 2024/09/05 12:0 a.m., 9 views

Django 4.x < 4.2.16, 5.0.x < 5.0.9, 5.1.x < 5.1.1 Multiple Vulnerabilities - Linux

Django is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:djangoproject:django"; if descriptio...

CVSS 7.5 | AI score 6.5 | EPSS 0.25327
Exploits: 0 | References: 1
OSV
added 2024/09/04 10:16 a.m., 10 views

SUSE-SU-2024:3139-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize. bsc1229823 - CVE-2024-45231: Fixed potential user email enumeration via response status on password reset. bsc1229824...

CVSS 7.5 | AI score 6 | EPSS 0.25327
Exploits: 0 | References: 5
OSV
added 2022/05/24 7:9 p.m., 2 views

GHSA-JFCH-M2X3-2V66 Liferay Portal and Liferay DXP insecure default configuration

Insecure default configuration in portal services implementation before 5.11.0 in Liferay Portal 6.2.3 through 7.3.2, and Liferay DXP before 7.3, allows remote attackers to enumerate user email address via the forgot password functionality. The portal.property login.secure.forgot.password should ...

CVSS 7.5 | AI score 7 | EPSS 0.01422
Exploits: 0 | References: 6
OpenVAS
added 2017/05/15 12:0 a.m., 56 views

MODX CMS 2.x < 2.5.7 Multiple Vulnerabilities

MODX CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:modx:revolution"; if description...

CVSS 8.8 | AI score 5.9 | EPSS 0.01865
Exploits: 5 | References: 3