EUVD-2021-17093

Malware in sbrugna...

Fedora 42 : kubernetes1.31 (2025-d78e6ddfe3)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-d78e6ddfe3 advisory. - Update to release v1.31.12 - Resolves: rhbz2388412 - Resolves: CVE-2025-5187: Nodes can delete themselves by adding an OwnerReference - Upstream fix Tenabl...

Linux Distros Unpatched Vulnerability : CVE-2021-30159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain...

Linux Distros Unpatched Vulnerability : CVE-2021-30157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and...

MediaWiki suffers from an unspecified vulnerability (CNVD-2021-29994)

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.31.12 and versions prior to 1.32.x series 1.35.x...

MediaWiki Permission License and Access Control Issues Vulnerability

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.31.12 and versions prior to 1.32.x series 1.35.x...

CVE-2021-30159

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Users can bypass intended restrictions on deleting pages in certain "fast double move" situations. MovePage::isValidMoveTarget uses FOR UPDATE, but it's only called if Title::getArticleID returns non-zero...

PT-2021-18636 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.31.12 MediaWiki versions 1.32.x through 1.35.1 Description: An issue in MediaWiki allows Special:Contributions to leak the existence of a "hidden" user. Recommendations: For MediaWiki versions prior to 1.31.12,...

CVE-2021-30157

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter- label messages are output in HTML unescaped, leading to XSS...

CVE-2021-30154

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header- messages are output in HTML unescaped, leading to XSS...

CVE-2021-30157

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter- label messages are output in HTML unescaped, leading to XSS...

Design/Logic Flaw

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been compromised, and yet is...

UBUNTU-CVE-2021-30157

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter- label messages are output in HTML unescaped, leading to XSS...

MediaWiki 授权问题漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. An authorization issue vulnerability exists in MediaWiki versions prior to 1.31.12 and versions prior to...

PT-2021-3353 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.12 and earlier MediaWiki versions 1.32.x through 1.35.x before 1.35.2 Description: The issue exists due to the lack of protection for the web page structure, allowing a remote attacker to conduct cross-site scripting X...

PT-2021-3350 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.12 and earlier MediaWiki versions 1.32.x through 1.35.1 Description: An issue in MediaWiki has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been...