CVE-2022-28346 – Django: SQL injection in QuerySet.annotate(), aggregate() and extra()
https://notcve.org/view.php?id=CVE-2022-28346
An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. The QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary passed (with dictionary expansion) as the **kwargs. A flaw was found in the Django package which leads to a SQL injection; it allows an attacker who can supply such a crafted dictionary to compromise the database completely. The exposure requires application code that expands an attacker-controlled dictionary into one of these calls (for example `qs.annotate(**params)` with keys taken from a request), since the keyword names become the column aliases; aliases written as literal keyword arguments are chosen by the developer and are not attacker-controlled. • https://github.com/DeEpinGh0st/CVE-2022-28346 https://github.com/YouGina/CVE-2022-28346 https://github.com/kamal-marouane/CVE-2022-28346 https://github.com/vincentinttsh/CVE-2022-28346 http://www.openwall.com/lists/oss-security/2022/04/11/1 https://docs.djangoproject.com/en/4.0/releases/security https://groups.google.com/forum/#%21forum/django-announce https://lists.debian.org/debian-lts-announce/2022/04/msg00013.html https://lists.fedoraproject.org/archives/list/package • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
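The following is an added example, not Django's own code, showing why dictionary expansion into annotate()/aggregate()/extra() matters: the keyword names become SQL column aliases, so a request-controlled dict hands the caller the alias text. `FORBIDDEN_ALIAS_PATTERN` mirrors the shape of the alias check the fixed releases apply (an assumption; compare with django/db/models/sql/query.py in 2.2.28, 3.2.13 or 4.0.4), `render_select()` is a toy stand-in for the ORM's SQL compiler used only to show where the alias lands, and `ALLOWED_ANNOTATIONS` and the table name are constructed for the illustration.

```python
import re

# Added example, not Django's code. In annotate()/aggregate()/extra(**kwargs)
# the keyword NAMES become SQL column aliases, so `qs.annotate(**params)` with a
# request-controlled dict lets the caller choose alias text. FORBIDDEN_ALIAS_PATTERN
# mirrors the shape of the alias check in the fixed releases (assumption: compare
# against django/db/models/sql/query.py in 2.2.28, 3.2.13 or 4.0.4); render_select()
# is a toy stand-in for the ORM's SQL compiler, used only to show where the alias lands.

FORBIDDEN_ALIAS_PATTERN = re.compile(r"['`\"\]\[;\s]|--|/\*|\*/")
IDENTIFIER = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")

# Server-defined expressions a client may request by alias name (constructed).
ALLOWED_ANNOTATIONS = {"order_count": "COUNT(*)", "total_amount": "SUM(amount)"}


def check_alias(alias):
    """Reject alias text that can escape the alias position: whitespace, quotes,
    backticks, brackets, semicolons and SQL comment markers."""
    if FORBIDDEN_ALIAS_PATTERN.search(alias):
        raise ValueError(
            "Column aliases cannot contain whitespace characters, quotation "
            "marks, semicolons, or SQL comments."
        )
    return alias


def alias_is_accepted(alias):
    try:
        check_alias(alias)
        return True
    except ValueError:
        return False


def render_select(table, annotations, validate=False):
    """Toy SQL compiler: every annotation becomes `expr AS alias` with the alias
    interpolated verbatim, which is what made user-chosen keys dangerous."""
    parts = []
    for alias, expr in annotations.items():
        if validate:
            check_alias(alias)
        parts.append(f"{expr} AS {alias}")
    return f"SELECT {', '.join(parts)} FROM {table}"


def vulnerable_query(client_params):
    """Pattern to avoid: the client's dict keys are forwarded as aliases unchanged."""
    annotations = {alias: "COUNT(*)" for alias in client_params}
    return render_select("app_order", annotations)


def safe_query(client_params):
    """Hardened caller: an alias must be a plain identifier AND name a server-defined
    expression, so the client selects annotations but never supplies alias text."""
    annotations = {}
    for alias in client_params:
        if not IDENTIFIER.match(alias) or alias not in ALLOWED_ANNOTATIONS:
            raise ValueError(f"rejected annotation alias {alias!r}")
        annotations[alias] = ALLOWED_ANNOTATIONS[alias]
    return render_select("app_order", annotations, validate=True)


if __name__ == "__main__":
    crafted = {'cnt" --': None}           # constructed alias carrying a quote and a comment marker
    print(vulnerable_query(crafted))      # the crafted text reaches the SQL string after AS
    print(alias_is_accepted('cnt" --'))   # False: the check rejects it
    print(safe_query({"order_count": None}))
```

The allow-list in `safe_query()` is the stronger control: the client picks which server-defined annotations it wants, and no client-supplied string ever becomes an alias, regardless of which Django version is installed.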
CVE-2022-24836 – Inefficient Regular Expression Complexity in Nokogiri
https://notcve.org/view.php?id=CVE-2022-24836
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to detect encoding in HTML documents. Users are advised to upgrade to Nokogiri `>= 1.13.4`. There are no known workarounds for this issue. • http://seclists.org/fulldisclosure/2022/Dec/23 https://github.com/sparklemotion/nokogiri/commit/e444525ef1634b675cd1cf52d39f4320ef0aecfd https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-crjr-9rc5-ghw8 https://lists.debian.org/debian-lts-announce/2022/05/msg00013.html https://lists.debian.org/debian-lts-announce/2022/10/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6DHCOWMA5PQTIQIMDENA7R2Y5BDYAIYM https://lists.fedoraproject.org/archives/list/package& • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity •
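As an added example (not Nokogiri's code, and not the regex it shipped), the block below demonstrates the class of bug described above, a backtracking-heavy regex run over untrusted HTML while sniffing the charset, beside the two mitigations a caller controls on its own side: bounding the bytes handed to the regex engine and keeping the matching linear. The patterns, the `SNIFF_LIMIT` value and the pathological input are all constructed for the illustration.

```python
import re
import time

# Added example, not Nokogiri's code. It demonstrates the class of bug behind
# CVE-2022-24836 (a backtracking-heavy regex run over untrusted HTML while
# sniffing the charset) and what a caller can do on its own side: bound the bytes
# handed to the regex engine and keep the matching linear. The patterns below are
# constructed for the illustration and are not the regex Nokogiri shipped.

SNIFF_LIMIT = 1024   # assumption: a <meta charset> worth honouring sits near the top

# Naive sniffer: "[^>]*" runs to the next '>' (or the end of the document when
# there is none) and then backtracks byte by byte looking for b"charset"; with
# many "<meta" openers and no '>' that scan is repeated from every opener, so the
# work grows with the square of the input length.
NAIVE_META_CHARSET = re.compile(rb"<meta[^>]*charset\s*=\s*[\"']?([\w-]+)", re.IGNORECASE)

META_OPEN = re.compile(rb"<meta\b", re.IGNORECASE)
CHARSET_ATTR = re.compile(rb"charset\s*=\s*[\"']?([\w-]+)", re.IGNORECASE)


def detect_charset_naive(doc: bytes):
    m = NAIVE_META_CHARSET.search(doc)
    return m.group(1).decode("ascii") if m else None


def detect_charset_bounded(doc: bytes, limit: int = SNIFF_LIMIT):
    """Linear sniffer: truncate first, then examine each <meta ...> body exactly
    once and resume after it, so no byte is rescanned after a failed attempt."""
    head = doc[:limit]
    pos = 0
    while True:
        m = META_OPEN.search(head, pos)
        if m is None:
            return None
        end = head.find(b">", m.end())
        body_end = len(head) if end == -1 else end
        attr = CHARSET_ATTR.search(head, m.end(), body_end)
        if attr:
            return attr.group(1).decode("ascii")
        pos = body_end + 1 if end != -1 else len(head)


def sniff_cost(detector, openers: int) -> float:
    """Seconds a detector spends on a constructed pathological input: many
    '<meta ' openers and no '>' anywhere."""
    doc = b"<meta " * openers
    t0 = time.perf_counter()
    detector(doc)
    return time.perf_counter() - t0


if __name__ == "__main__":
    for n in (500, 1000, 2000):
        print(n, "openers: naive %.4fs  bounded %.4fs"
              % (sniff_cost(detect_charset_naive, n), sniff_cost(detect_charset_bounded, n)))
```

Run stand-alone, the naive timings grow roughly fourfold each time the opener count doubles while the bounded ones stay flat; the figures depend on the machine, so the test only checks the detectors' results. Note that the input is handled as `bytes`, because at the point where a parser sniffs the charset it does not yet know the encoding.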
CVE-2022-26110
https://notcve.org/view.php?id=CVE-2022-26110
An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon. CLAIMTOBE is a method in which the daemon takes the identity the client asserts at face value, so a pool that still lists it in any SEC_*_AUTHENTICATION_METHODS setting should be checked against the fixed versions. • https://lists.debian.org/debian-lts-announce/2022/04/msg00016.html https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2022-0003 https://www.debian.org/security/2022/dsa-5144 •
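An added audit script (not HTCondor's own tooling) for the two questions an operator has after this advisory: is the installed version in an affected range, and does any security level still list CLAIMTOBE as an authentication method. The `SEC_<LEVEL>_AUTHENTICATION_METHODS` names are HTCondor's per-level knobs; the live probe shells out to `condor_version` and `condor_config_val` only when they are on PATH, and `SAMPLE_KNOBS` is a constructed stand-in for their output. Reading "9.1.x before 9.6.0" as the development series 9.1 through 9.5 is an assumption.

```python
import re
import shutil
import subprocess

# Added example, not HTCondor's tooling. Two checks an operator wants after
# CVE-2022-26110: is the installed version in an affected range, and does any
# security level still list CLAIMTOBE (a method in which the daemon takes the
# identity the client asserts at face value). The SEC_<LEVEL>_AUTHENTICATION_METHODS
# knobs are HTCondor's per-level settings; the live probe shells out to
# condor_config_val / condor_version only when they are on PATH.

# Affected ranges as stated in the advisory text above.
FIXED_IN_SERIES = {(8, 8): 16, (9, 0): 10}
# "9.1.x before 9.6.0" read as the development series 9.1 through 9.5 (assumption).
DEV_SERIES = ((9, 1, 0), (9, 6, 0))

SECURITY_LEVELS = ("DEFAULT", "CLIENT", "READ", "WRITE", "ADMINISTRATOR", "DAEMON", "NEGOTIATOR")


def parse_version(text):
    """Accepts '9.0.9' or condor_version output such as
    '$CondorVersion: 9.0.9 Jan 03 2022 BuildID: 12345 $'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version in {text!r}")
    return tuple(int(x) for x in m.groups())


def version_affected(v):
    major, minor, patch = v
    if (major, minor) in FIXED_IN_SERIES:
        return patch < FIXED_IN_SERIES[(major, minor)]
    low, high = DEV_SERIES
    return low <= v < high


def knobs_listing_claimtobe(knob_values):
    """knob_values maps knob name -> value string as condor_config_val prints it.
    Method lists are comma/space separated and method names are case-insensitive."""
    hits = []
    for knob, value in knob_values.items():
        methods = {m.strip().upper() for m in value.replace(",", " ").split()}
        if "CLAIMTOBE" in methods:
            hits.append(knob)
    return hits


def audit_live():
    """Query the local installation; returns None when the HTCondor tools are absent."""
    if not (shutil.which("condor_version") and shutil.which("condor_config_val")):
        return None
    out = subprocess.run(["condor_version"], capture_output=True, text=True, check=True).stdout
    version = parse_version(out)
    values = {}
    for level in SECURITY_LEVELS:
        knob = f"SEC_{level}_AUTHENTICATION_METHODS"
        r = subprocess.run(["condor_config_val", knob], capture_output=True, text=True)
        if r.returncode == 0:          # non-zero exit means the knob is not defined
            values[knob] = r.stdout.strip()
    return {"version": version, "version_affected": version_affected(version),
            "claimtobe_knobs": knobs_listing_claimtobe(values)}


# Constructed sample of what condor_config_val might return on a pool.
SAMPLE_KNOBS = {
    "SEC_DEFAULT_AUTHENTICATION_METHODS": "FS, TOKEN, SSL",
    "SEC_READ_AUTHENTICATION_METHODS": "FS, TOKEN, SSL, CLAIMTOBE",
    "SEC_CLIENT_AUTHENTICATION_METHODS": "fs,token,claimtobe",
}

if __name__ == "__main__":
    print(knobs_listing_claimtobe(SAMPLE_KNOBS))
    print(audit_live())
```

A knob that is not defined makes `condor_config_val` exit non-zero, which the probe treats as "not set"; levels that fall back to SEC_DEFAULT_AUTHENTICATION_METHODS are therefore covered by the DEFAULT entry.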
CVE-2022-24786 – Potential out-of-bound read/write in PJSIP
https://notcve.org/view.php?id=CVE-2022-24786
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not themselves parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packets, but any application that calls pjmedia_rtcp_fb_parse_rpsi() directly on received data is affected. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds. • https://github.com/pjsip/pjproject/commit/11559e49e65bdf00922ad5ae28913ec6a198d508 https://github.com/pjsip/pjproject/security/advisories/GHSA-vhxv-phmx-g52q https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://security.gentoo.org/glsa/202210-37 https://www.debian.org/security/2022/dsa-5285 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
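An added example, not pjproject code: a bounds-checked parser for the RTCP payload-specific feedback RPSI layout of RFC 4585 section 6.3.3 (common FB header, sender SSRC, media SSRC, then an FCI holding PB, a zero bit plus 7-bit payload type, the native RPSI bit string and padding). It makes no claim about which check `pjmedia_rtcp_fb_parse_rpsi()` lacked; it shows the checks any such parser needs so that neither the header length word nor PB can steer reads or writes outside the received buffer. The packet bytes are constructed.

```python
import struct

# Added example, not pjproject code. A bounds-checked parser for the RTCP
# payload-specific feedback RPSI layout of RFC 4585 section 6.3.3. It makes no
# claim about which check pjmedia_rtcp_fb_parse_rpsi() lacked; it shows the
# checks any such parser needs so that neither the length word nor PB can steer
# reads or writes outside the received buffer.

RTCP_PT_PSFB = 206     # payload-specific feedback packet type
RTCP_FMT_RPSI = 3      # FMT value identifying RPSI


class RtcpParseError(ValueError):
    pass


def parse_rtcp_fb_rpsi(pkt: bytes) -> dict:
    if len(pkt) < 12:
        raise RtcpParseError("shorter than the FB header plus two SSRCs")
    b0, pt, length_words = struct.unpack_from("!BBH", pkt, 0)
    if b0 >> 6 != 2:
        raise RtcpParseError("RTCP version must be 2")
    if pt != RTCP_PT_PSFB or (b0 & 0x1F) != RTCP_FMT_RPSI:
        raise RtcpParseError("not a PSFB/RPSI packet")
    claimed = (length_words + 1) * 4          # length field: 32-bit words minus one
    if claimed > len(pkt):                    # the classic out-of-bounds setup
        raise RtcpParseError(f"length field claims {claimed} bytes, {len(pkt)} received")
    if claimed < 16:
        raise RtcpParseError("no room for an RPSI FCI")
    sender_ssrc, media_ssrc = struct.unpack_from("!II", pkt, 4)
    fci = pkt[12:claimed]                     # 32-bit aligned by construction
    pb, pt_octet = fci[0], fci[1]
    if pt_octet & 0x80:
        raise RtcpParseError("reserved bit set in the payload-type octet")
    avail_bits = (len(fci) - 2) * 8
    if pb > avail_bits:                       # PB would put the string's end before its start
        raise RtcpParseError(f"PB={pb} padding bits exceed the {avail_bits}-bit field")
    return {
        "sender_ssrc": sender_ssrc,
        "media_ssrc": media_ssrc,
        "payload_type": pt_octet & 0x7F,
        "bitstring": fci[2:],
        "bitstring_bits": avail_bits - pb,
    }


def parses(pkt: bytes) -> bool:
    try:
        parse_rtcp_fb_rpsi(pkt)
        return True
    except RtcpParseError:
        return False


def with_byte(pkt: bytes, index: int, value: int) -> bytes:
    """Return a copy of pkt with one byte replaced (used to build malformed variants)."""
    return pkt[:index] + bytes([value]) + pkt[index + 1:]


# Constructed packet: V=2, FMT=3, PT=206, length=3 words (16 bytes), two SSRCs,
# FCI: PB=6, payload type 96, 10-bit native string 0xAB 0xC0 plus 6 padding bits.
SAMPLE_RPSI = bytes([
    0x83, 0xCE, 0x00, 0x03,
    0x11, 0x22, 0x33, 0x44,
    0x55, 0x66, 0x77, 0x88,
    0x06, 0x60, 0xAB, 0xC0,
])

if __name__ == "__main__":
    print(parse_rtcp_fb_rpsi(SAMPLE_RPSI))
    print(parses(SAMPLE_RPSI[:-1]),
          parses(with_byte(SAMPLE_RPSI, 3, 0x10)),
          parses(with_byte(SAMPLE_RPSI, 12, 200)))
```

The three malformed variants in the stand-alone run are the ones that matter for a C implementation: a buffer shorter than the header's length word, a length word larger than the buffer, and a PB larger than the bit string that follows it. Each is rejected before any byte beyond the received data is touched.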
CVE-2022-24793 – Potential heap buffer overflow when parsing DNS packets in PJSIP
https://notcve.org/view.php?id=CVE-2022-24793
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP's own DNS resolution; applications that use an external resolver are not affected. This vulnerability is related to CVE-2023-27585: the difference is that this issue is in parsing the resource record (`parse_rr()`), while the issue in CVE-2023-27585 is in `parse_query()`. • https://github.com/pjsip/pjproject/commit/9fae8f43accef8ea65d4a8ae9cdf297c46cfe29a https://github.com/pjsip/pjproject/security/advisories/GHSA-p6g5-v97c-w5q4 https://lists.debian.org/debian-lts-announce/2022/05/msg00047.html https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html https://lists.debian.org/debian-lts-announce/2023/08/msg00038.html https://security.gentoo.org/glsa/202210-37 https://www.debian.org/security/2022/dsa-5285 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
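An added example, not pjproject code: a DNS resource-record parser with the checks a reply parser needs before touching any byte. Label lengths and compression pointers are validated against the message size, pointer chasing is bounded, and RDLENGTH is compared with the bytes that actually remain rather than trusted. It makes no claim about which of these PJSIP's `parse_rr()` missed. The reply message, the hop limit and the answer offset are constructed for the illustration.

```python
import struct

# Added example, not pjproject code. A resource-record parser with the checks a
# DNS reply parser needs before touching any byte: label lengths and compression
# pointers are validated against the message size, pointer chasing is bounded,
# and RDLENGTH is compared with the bytes that actually remain rather than being
# trusted. It makes no claim about which of these PJSIP's parse_rr() missed.

MAX_POINTER_HOPS = 16   # assumption: a legitimate name never needs more redirections
MAX_NAME_OCTETS = 255   # RFC 1035 limit on a wire-format name


class DnsParseError(ValueError):
    pass


def read_name(msg: bytes, off: int):
    """Return (presentation name, bytes consumed at off). A compression pointer
    ends the sequence at off (2 bytes) even though reading continues elsewhere."""
    labels, total = [], 0
    pos, consumed, hops = off, None, 0
    while True:
        if pos >= len(msg):
            raise DnsParseError("label length byte past end of message")
        c = msg[pos]
        if c & 0xC0 == 0xC0:                               # compression pointer
            if pos + 1 >= len(msg):
                raise DnsParseError("truncated compression pointer")
            target = ((c & 0x3F) << 8) | msg[pos + 1]
            if consumed is None:
                consumed = pos + 2 - off
            hops += 1
            if hops > MAX_POINTER_HOPS or target >= len(msg):
                raise DnsParseError("pointer loop or out-of-range pointer")
            pos = target
            continue
        if c & 0xC0:
            raise DnsParseError("reserved label type")
        pos += 1
        if c == 0:                                         # root label ends the name
            break
        if pos + c > len(msg):
            raise DnsParseError("label bytes past end of message")
        total += c + 1
        if total > MAX_NAME_OCTETS:
            raise DnsParseError("name exceeds 255 octets")
        labels.append(msg[pos:pos + c].decode("ascii", "replace"))
        pos += c
    if consumed is None:
        consumed = pos - off
    return ".".join(labels) or ".", consumed


def parse_rr(msg: bytes, off: int):
    """Parse one RR at off; return (fields, offset of the next record)."""
    name, n = read_name(msg, off)
    p = off + n
    if len(msg) - p < 10:
        raise DnsParseError("truncated TYPE/CLASS/TTL/RDLENGTH")
    rtype, rclass, ttl, rdlength = struct.unpack_from("!HHIH", msg, p)
    p += 10
    if rdlength > len(msg) - p:                            # the overflow check
        raise DnsParseError(f"RDLENGTH {rdlength} exceeds the {len(msg) - p} bytes left")
    return {"name": name, "type": rtype, "class": rclass, "ttl": ttl,
            "rdata": msg[p:p + rdlength]}, p + rdlength


def parses_rr(msg: bytes, off: int) -> bool:
    try:
        parse_rr(msg, off)
        return True
    except DnsParseError:
        return False


# Constructed reply: header (ID 0x1234, QD=1, AN=1), question "example.com A IN"
# starting at offset 12, answer at offset 29 whose name is a pointer to offset 12
# and whose RDATA is the documentation address 192.0.2.1 with TTL 60.
SAMPLE_REPLY = (
    b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
    + b"\x07example\x03com\x00" + b"\x00\x01\x00\x01"
    + b"\xc0\x0c" + b"\x00\x01\x00\x01" + b"\x00\x00\x00\x3c" + b"\x00\x04" + b"\xc0\x00\x02\x01"
)
ANSWER_OFFSET = 29

if __name__ == "__main__":
    print(parse_rr(SAMPLE_REPLY, ANSWER_OFFSET))
    print(parses_rr(SAMPLE_REPLY[:-1], ANSWER_OFFSET))                       # RDLENGTH past the end
    print(parses_rr(SAMPLE_REPLY[:29] + b"\xc0\x1d" + SAMPLE_REPLY[31:], ANSWER_OFFSET))  # pointer to itself
```

In a C resolver the RDLENGTH comparison is the one that prevents a copy into a fixed-size record buffer from running past its end; the pointer hop limit and the per-label end-of-message checks close the remaining ways a crafted reply can drive the name reader out of bounds.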