Golang 1.24.x < 1.24.8 / 1.25.x < 1.25.2 Multiple Vulnerabilities (qZN5nc-mBgAJ)

The version of Golang running on the remote host is 1.24.x prior to 1.24.8, 1.25.x prior to 1.25.2. It is, therefore, affected by multiple vulnerabilities as referenced in qZN5nc-mBgAJ advisory. - The Parse function permitted values other than IPv6 addresses to be included in square brackets with...

MediaWiki 1.24.x < 1.27.2 Wiki Visitor IP Leakage

According to its self-reported version number, the instance of MediaWiki hosted on the remote web server is prior to 1.23.16, 1.24.x prior to 1.27.2 or 1.28.x prior to 1.28.1 . It is, therefore, affected by a flaw which may allow remote attackers to discover the IP addresses of Wiki Visitors via ...

CVE-2015-8009

The MWOAuthDataStore::lookuptoken function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1.24.x before 1.24.4, and before 1.23.11 does not properly validate the signature when checking the authorization signature, which allows remote registered Consumers to use another Consumer's...

Design/Logic Flaw

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads...

MediaWiki Denial of Service Vulnerability (CNVD-2015-02420)

MediaWiki is a Wiki program. A security vulnerability exists in MediaWiki version 1.24.x before 1.24.2. When the program uses the PBKDF2 algorithm to generate hashed passwords, a remote attacker can exploit the vulnerability to cause a denial of service CPU consumption with the help of extra-long...

PT-2010-1023 · Debian · Lintian

Name of the Vulnerable Software and Affected Versions: Lintian versions 1.23.x through 1.23.28 Lintian versions 1.24.x through 1.24.2.1 Lintian versions 2.x before 2.3.2 Description: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files or obtain sensiti...