11 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-30157
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and...
PT-2023-8948 · Mediawiki +2 · Wikibase +2
Name of the Vulnerable Software and Affected Versions: Wikibase extension for MediaWiki versions 1.35.x through 1.35.11 Wikibase extension for MediaWiki versions 1.36.x through 1.39.4 Wikibase extension for MediaWiki versions 1.40.x through 1.40.0 Description: An issue was discovered in the...
Siemens SCALANCE XCM332 Use After Free (CVE-2022-30065)
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVE...
CVE-2022-30065
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...
BusyBox 资源管理错误漏洞
BusyBox is a suite of applications containing several linux commands and tools by Denis Vlasenko, a Ukrainian individual developer. A security vulnerability exists in BusyBox version 1.35.x, which stems from a post-release reuse vulnerability in the copyvar function in the system awk gadget. An...
MediaWiki suffers from an unspecified vulnerability (CNVD-2021-29994)
MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.31.12 and versions prior to 1.32.x series 1.35.x...
UBUNTU-CVE-2021-30152
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When using the MediaWiki API to "protect" a page, a user is currently able to protect to a higher level than they currently have permissions for...
PT-2021-3352 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.31.0 through 1.31.11 MediaWiki versions 1.32.x through 1.35.1 Description: An issue in MediaWiki allows users to bypass intended restrictions on deleting pages in certain "fast double move" situations. The...
CVE-2021-30157
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On ChangesList special pages such as Special:RecentChanges and Special:Watchlist, some of the rcfilters-filter- label messages are output in HTML unescaped, leading to XSS...
CVE-2021-30154
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header- messages are output in HTML unescaped, leading to XSS...
Design/Logic Flaw
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. Blocked users are unable to use Special:ResetTokens. This has security relevance because a blocked user might have accidentally shared a token, or might know that a token has been compromised, and yet is...