OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Command Injection
Scanservjs
NVD
GitHub
CVSS 3.1
10.0
EPSS
40.5%
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Python
Authentication Bypass
Django
Fedora
NVD
CVSS 3.1
9.8
EPSS
1.4%