Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

292 matches found

OSV
OSVadded 2024/07/10 7:26 a.m.14 views

BIT-MEDIAWIKI-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

4.3CVSS4.4AI score0.00145EPSS
Exploits0References2
NVD
NVDadded 2024/07/07 12:15 a.m.20 views

CVE-2024-40596

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. TimelineService does not support properly suppressing...

4.3CVSS0.00145EPSS
Exploits0References1
OSV
OSVadded 2024/07/07 12:15 a.m.14 views

CVE-2024-40596

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. TimelineService does not support properly suppressing...

4.3CVSS6.6AI score
Exploits0References1
NVD
NVDadded 2024/07/07 12:15 a.m.20 views

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

4.3CVSS0.00145EPSS
Exploits0References1
OSV
OSVadded 2024/07/07 12:15 a.m.10 views

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

4.3CVSS6.6AI score
Exploits0References1
OSV
OSVadded 2024/07/07 12:15 a.m.1 views

CVE-2024-40597

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. The logdeleted attribute is not respected...

7.5CVSS6.9AI score
Exploits0References1
NVD
NVDadded 2024/07/07 12:15 a.m.14 views

CVE-2024-40597

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. The logdeleted attribute is not respected...

7.5CVSS0.00382EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/07/07 12:0 a.m.2 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki versions prior to 1.42.1, which stems from a CheckUs...

7.5CVSS6.5AI score0.00382EPSS
Exploits0References2
CVE
CVEadded 2024/07/06 12:0 a.m.59 views

CVE-2024-40597

The CVE-2024-40597 vulnerability affects the MediaWiki CheckUser extension up to version 1.42.1, where the log_deleted attribute is not respected, allowing exposure of suppressed log-event information. Impact: potential disclosure of sensitive log data (confidentiality is HIGH per CVSS). The issu...

7.5CVSS6.8AI score0.00382EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2024/07/06 12:0 a.m.9 views

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

6.6AI score0.00145EPSS
Exploits0References1
Cvelist
Cvelistadded 2024/07/06 12:0 a.m.20 views

CVE-2024-40598

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can expose suppressed information for log events. The logdeleted attribute is not applied to entries...

0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/07/06 12:0 a.m.19 views

CVE-2024-40596

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. TimelineService does not support properly suppressing...

6.7AI score0.00145EPSS
Exploits0References1
CVE
CVEadded 2024/07/06 12:0 a.m.94 views

CVE-2024-40598

The CVE-2024-40598 issue affects the MediaWiki CheckUser extension (through version 1.42.1). The API can expose suppressed information for log events because the log_deleted attribute is not applied to entries, enabling unintended disclosure of deleted log data. Several sources (Red Hat, CNVD, OS...

4.3CVSS6.9AI score0.00145EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2024/07/06 12:0 a.m.2 views

PT-2024-28932 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: The Special:Investigate feature can expose suppressed information for log events due to the TimelineService not supporting proper suppression. Recommendations: For versions...

4.3CVSS7AI score0.00145EPSS
Exploits0References10
CVE
CVEadded 2024/07/06 12:0 a.m.55 views

CVE-2024-40596

CVE-2024-40596 affects MediaWiki’s CheckUser extension through version 1.42.1. The vulnerability arises in the Special:Investigate feature, which can expose suppressed information for log events because the TimelineService does not properly suppress it. Affected component: CheckUser extension (Me...

4.3CVSS6.9AI score0.00145EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2024/07/06 12:0 a.m.2 views

PT-2024-28933 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: An issue was discovered in the CheckUser extension for MediaWiki. It can expose suppressed information for log events, as the log deleted attribute is not respected...

7.5CVSS5.9AI score0.00382EPSS
Exploits0References11
Cvelist
Cvelistadded 2024/07/06 12:0 a.m.16 views

CVE-2024-40596

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. TimelineService does not support properly suppressing...

0.00145EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2024/07/06 12:0 a.m.12 views

CVE-2024-40597

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. It can expose suppressed information for log events. The logdeleted attribute is not respected...

6.7AI score0.00382EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2024/07/06 12:0 a.m.2 views

PT-2024-28934 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: An issue was discovered in the CheckUser extension for MediaWiki. The API can expose suppressed information for log events, as the log deleted attribute is not applied to...

4.3CVSS7AI score0.00145EPSS
Exploits0References10
OSV
OSVadded 2024/03/06 11:12 a.m.13 views

BIT-MEDIAWIKI-2021-31553

An issue was discovered in the CheckUser extension for MediaWiki through 1.35.2. MediaWiki usernames with trailing whitespace could be stored in the culog database table such that denial of service occurred for certain CheckUser extension pages and functionality. For example, the attacker could...

6.5CVSS6.4AI score0.00672EPSS
Exploits0References8
Rows per page
Query Builder