EUVD-2025-30154

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-30154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2. On Special:NewFiles, all the mediastatistics-header- messages are...

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2025-30154

creationtimestamp| type| source ---|---|--- 2025-03-19 15:45:35+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114189869676629359 2025-03-19 16:30:54+00:00| seen| Telegram/1nxUJd1r2Vli3BcLbYFmcRkQRAx1kOCE3f---QAF-WqkIU 2025-03-19 17:21:01+00:00| published-proof-of-concept|...

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2025-30154

CVE-2025-30154 involves the GitHub Action reviewdog/action-setup@v1, which was compromised on 2025-03-11 (18:42–20:31 UTC). The malicious code dumps exposed secrets to GitHub Actions workflow logs. Related reviewdog actions that rely on action-setup@v1 (including action-shellcheck, action-composi...

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2025-30154 Multiple Reviewdog actions were compromised during a specific time period

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2025-30154

reviewdog/action-setup is a GitHub action that installs reviewdog. reviewdog/action-setup@v1 was compromised March 11, 2025, between 18:42 and 20:31 UTC, with malicious code added that dumps exposed secrets to Github Actions Workflow Logs. Other reviewdog actions that use reviewdog/action-setup@v...

CVE-2024-30154

HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVE-2024-30154 HCL SX is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability

HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

CVE-2023-30154

creationtimestamp| type| source ---|---|--- 2023-10-14 07:29:30+00:00| seen| https://t.me/cibsecurity/72278...

CVE-2023-30154

Multiple improper neutralization of SQL parameters in module AfterMail aftermailpresta for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via idcustomer, idconf, idproduct and token parameters in aftermailajax.php via the 'idproduct' parameter in hooks...

CVE-2023-30154

The CVE affects AfterMail (aftermailpresta) for PrestaShop, with versions prior to 2.2.1 vulnerable to SQL injection via id_customer, id_conf, id_product, and token in aftermailajax.php and in hooks DisplayRightColumnProduct/DisplayProductButtons (via id_product). Root cause: improper neutralizat...

June 14, 2022—KB5014702 (OS Build 14393.5192) - EXPIRED

June 14, 2022—KB5014702 OS Build 14393.5192 - EXPIRED EXPIRATION NOTICEIMPORTANT As of March 31, 2026, this update is no longer available from the Microsoft Update Catalog or other release channels. We recommend that you update your devices to the latest version of Windows. --- NEW 06/14/22...

KB5014699: Windows 10 Version 20H2 / 21H1 / 21H2 Security Update (June 2022)

The remote Windows host is missing security update 5014699. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2022-30166, CVE-2022-30165, CVE-2022-30160 CVE-2022-30154, CVE-2022-30151,...

GLSA-202107-40 : MediaWiki: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-40 MediaWiki: Multiple vulnerabilities Multiple vulnerabilities have been discovered in MediaWiki. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

Security fix for the ALT Linux 9 package mediawiki version 1.35.2-alt1

April 24, 2021 Vitaly Lipatov 1.35.2-alt1 - new version 1.35.2 with rpmrb script - T270453, CVE-2021-30153 T270713, CVE-2021-30152 - T270988, CVE-2021-30155 T272386, CVE-2021-30159 - T276843, CVE-2021-20270, CVE-2021-27291 - T277009, CVE-2021-30158 T278014, CVE-2021-30154 - T278058, CVE-2021-3015...

Fedora: Security Advisory for mediawiki (FEDORA-2021-f4223b6684)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian DSA-4889-1 : mediawiki - security update

Multiple security issues were found in MediaWiki, a website engine for collaborative work, which could result in incomplete page/blocking protection, denial of service or cross-site scripting. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...