7 matches found

CNNVD
added 2025/01/14 12:0 a.m. · 1 view

Mediawiki RefreshSpecial Extension cross-site scripting vulnerability

Mediawiki RefreshSpecial Extension is an extension of the Wikimedia Foundation. A cross-site scripting vulnerability exists in Mediawiki RefreshSpecial Extension, which stems from improper input neutralization during page generation. The following versions are affected: version 1.39.X to versions...

CVSS 5.4 · AI score 6.1 · EPSS 0.00259
Exploits: 0 · References: 3
Positive Technologies
added 2025/01/14 12:0 a.m. · 2 views

PT-2025-4810 · Mediawiki · Mediawiki +1

Name of the Vulnerable Software and Affected Versions:
Mediawiki - OpenBadges Extension versions 1.39.X through 1.39.10
Mediawiki - OpenBadges Extension versions 1.41.X through 1.41.2
Mediawiki - OpenBadges Extension versions 1.42.X through 1.42.1
Description: The issue is related to Improper...

CVSS 5.3 · AI score 6.2 · EPSS 0.00243
Exploits: 0 · References: 5
Vulnrichment
added 2024/10/05 1:2 a.m. · 16 views

CVE-2024-47841 Path traversal when loading stylesheets

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal. This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9...

CVSS 6.9 · AI score 6.8 · EPSS 0.28914
Exploits: 1 · References: 3
Positive Technologies
added 2024/10/04 12:0 a.m. · 1 view

PT-2024-32845 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions:
Mediawiki - Apex skin versions 1.39.X through 1.39.8
Mediawiki - Apex skin versions 1.41.X through 1.41.2
Mediawiki - Apex skin versions 1.42.X through 1.42.1
Description: The issue is related to Improper Neutralization of Input During Web Pa...

CVSS 6.9 · AI score 6.6 · EPSS 0.0066
Exploits: 1 · References: 9
Positive Technologies
added 2022/11/28 12:0 a.m. · 1 view

PT-2022-27687 · Unknown · Fusionauth

Name of the Vulnerable Software and Affected Versions:
FusionAuth versions prior to 1.41.3
Description: The issue allows an attacker to view or retrieve files outside of the application root using an HTTP request. Specifically, an attacker may be able to access any file readable by the user runni...

CVSS 7.5 · AI score 7.3 · EPSS 0.00582
Exploits: 0 · References: 6
Vulnrichment
added 2022/11/28 12:0 a.m. · 6 views

CVE-2022-45921

FusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an attacker may be able to view or retrieve any file readable by the user running the FusionAuth process...

AI score 7.4 · EPSS 0.00582
Exploits: 0 · References: 2
Prion
added 2019/06/11 10:29 p.m. · 15 views

Authorization

daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x before 1.40.2, and 1.41.x before 1.41.3 opened a private D-Bus server socket without configuring an authorization rule. A local attacker could connect to this server socket and issue D-Bus method calls. Note that the server socket...

CVSS 4.6 · AI score 7.2 · EPSS 0.00066
Exploits: 0 · References: 11 · Affected Software: 1