EUVD-2023-2138

Malicious code in bioql PyPI...

EUVD-2023-2035

Malicious code in bioql PyPI...

PT-2024-23300 · Solana · @Solana/Web3.Js

Name of the Vulnerable Software and Affected Versions: @solana/web3.js versions prior to 1.0.1 @solana/web3.js versions prior to 1.10.2 @solana/web3.js versions prior to 1.11.1 @solana/web3.js versions prior to 1.12.1 @solana/web3.js versions prior to 1.1.2 @solana/web3.js versions prior to 1.13....

Credential leakage in Jenkins Plug-in for ServiceNow

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

CVE-2023-3442

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

CVE-2023-3442

A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow...

CVE-2023-3414

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information. To address this issue, apply the 1.38.1 version of the Jenkins plug-in for...

Jenkins Plugin ServiceNow DevOps 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...

Jenkins Plugin ServiceNow DevOps 安全漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin ServiceNow...

PT-2023-24866 · Jenkins · Jenkins Plug-In For Servicenow Devops +1

Name of the Vulnerable Software and Affected Versions: Jenkins Plug-in for ServiceNow DevOps versions prior to 1.38.1 Description: A missing authorization issue exists that could lead to the unwanted exposure of sensitive information if exploited successfully. Recommendations: For versions prior ...

CVE-2022-34911

An issue was discovered in MediaWiki before 1.35.7, 1.36.x and 1.37.x before 1.37.3, and 1.38.x before 1.38.1. XSS can occur in configurations that allow a JavaScript payload in a username. After account creation, when it sets the page title to "Welcome" followed by the username, the username is...

MediaWiki < 1.35.7, 1.36.x < 1.37.3, 1.38.x < 1.38.1 XSS Vulnerability - Linux

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MediaWiki 1.36.x < 1.37.3, 1.38.x < 1.38.1 XSS Vulnerability - Windows

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

MediaWiki < 1.35.7, 1.36.x < 1.37.3, 1.38.x < 1.38.1 XSS Vulnerability - Windows

MediaWiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PT-2022-22431 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.37.3 MediaWiki versions 1.38.x prior to 1.38.1 Description: An issue was discovered where the contributions-title, used on Special:Contributions, is used as a page title without escaping. This can cause problems ...

MediaWiki Denial of Service Vulnerability (CNVD-2022-60675)

MediaWiki is a set of web-based wiki engines from the U.S. Wikimedia MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki version 1.38.1 and earlier versions have a denial of service vulnerability, which stems from the fac...

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVE-2022-34750

CVE-2022-34750 : PT and vendor docs show a Wikibase/MediaWiki DoS issue due to unbounded merge requests. Affected: Wikibase extension for MediaWiki in versions 1.35.x–1.35.11, 1.36.x–1.39.4, and 1.40.x–1.40.0. Root cause: no rate limiting on item merging. Fixes are available in: Wikibase 1.35.12 ...

MediaWiki 安全漏洞

MediaWiki is a set of web-based wiki engines from the U.S. Wikimedia MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki version 1.38.1 and earlier versions have a denial of service vulnerability, which stems from the fac...