5 matches found
django: potential denial-of-service vulnerability in IPv6 validation
A flaw was found in the Django framework. Lack of upper bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial of service attack. The undocumented and private functions clean_ipv6_address and is_valid_ipv6_address were vulnerable, as was the...
Denial Of Service (DoS)
Django is vulnerable to Denial of Service (DoS). The vulnerability is due to the lack of upper-bound limit enforcement in strings during IPv6 validation, which affects the clean_ipv6_address and is_valid_ipv6_address functions, as well as the django.forms.GenericIPAddressField form field, and allows an...
CVE-2024-47610 Stored Cross-site Scripting Vulnerability in Markdown Editor
InvenTree is an Open Source Inventory Management System. In affected versions of InvenTree it is possible for a registered user to store JavaScript in markdown notes fields, which is then displayed to other logged-in users who visit the same page and executed. The vulnerability has been addresse...
Audit CouchDB - The Simple, Clear, CouchDB Security Assessment
Audit CouchDB is a simple tool with a powerful message. Given an Apache CouchDB URL, it will tell you everything you ever wanted to know about its security. Objective Audit CouchDB will perform the following actions: 1. Learn every possible fact about the couch, for example: What is the server...
freetype2 -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to potentially compromise an application using the library. An integer overflow error within the "cff_charset_compute_cids" function in cff/cffload.c can be exploited to potentially cause...