24 matches found
CVE-2026-2869
A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetc_varset of the file src/core/specials.c of the component handleattr Handler. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment...
Janet buffer error vulnerability
Janet is a functional and imperative programming language and bytecode interpreter developed by Janet Language. Versions of janet-lang prior to 1.40.1 contain a buffer error vulnerability, which stems from an out-of-bounds read in the janetc_varset function located in the src/core/specials.c file...
SUSE CVE-2026-2241
A vulnerability was found in janet-lang janet up to 1.40.1. This affects the function os_strftime of the file src/core/os.c. Performing a manipulation results in out-of-bounds read. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is...
CVE-2026-2242
A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts the function janetc_if of the file src/core/specials.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This...
CVE-2026-2242
CVE-2026-2242 affects janet-lang up to 1.40.1. The vulnerability lies in janetc_if within src/core/specials.c, allowing a local out-of-bounds read due to manipulation. An exploit has been publicly disclosed and a patch identified by the commit c43e06672cd9dacf2122c99f362120a17c34b391 is available...
Janet buffer error vulnerability
Janet is a functional and imperative programming language and bytecode interpreter developed by Janet Language. Versions of Janet prior to 1.40.1 contained a buffer error vulnerability, which was caused by an out-of-bounds read in the function janetc_pop_funcdef, potentially leading to information...
EUVD-2023-49654
Malicious code in bioql PyPI...
MediaWiki security vulnerability
MediaWiki is a suite of free and freely available web-based Wiki engines from the Wikimedia USA Foundation. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki versions prior to 1.39.5 and 1.40.x prior to 1.40.1, whic...
Vulnerabilities fixed in MediaWiki
Vulnerabilities have been fixed in MediaWiki. A malicious party can exploit the vulnerabilities to cause a denial of service, or to launch a cross-site scripting (XSS) attack, which may allow the malicious party to grant itself elevated privileges when the administrator of a wiki allows XML...
Design/Logic Flaw
An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers...
CVE-2023-45360
An issue was discovered in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is XSS in youhavenewmessagesmanyusers and youhavenewmessages i18n messages. This is related to MediaWiki:Youhavenewmessagesfromusers...
CVE-2023-45362
An issue was discovered in DifferenceEngine.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. diff-multi-sameuser aka "X intermediate revisions by the same user not shown" ignores username suppression. This is an information leak...
MediaWiki 1.36.x < 1.39.5, 1.40.x < 1.40.1 Incorrect Permissions Vulnerability - Linux
MediaWiki is prone to an incorrect permissions vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki...
PT-2023-29530 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.39.5 MediaWiki versions 1.40.x prior to 1.40.1 Description: An issue was discovered in the Vector Skin component for MediaWiki. The vector-toc-toggle-button-label is not escaped, but should be, because the line...
CVE-2023-45371
An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items...
CVE-2023-45369
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed...
PT-2023-8950 · Mediawiki +2 · Mediawiki +3
Name of the Vulnerable Software and Affected Versions: MediaWiki PageTriage extension versions prior to 1.35.12 MediaWiki PageTriage extension versions 1.36.x through 1.39.x before 1.39.5 MediaWiki PageTriage extension versions 1.40.x before 1.40.1 Description: An issue was discovered in the...
PT-2023-8947 · Mediawiki +2 · Wikibase Extension For Mediawiki +2
Name of the Vulnerable Software and Affected Versions: Wikibase extension for MediaWiki versions prior to 1.35.12 Wikibase extension for MediaWiki versions 1.36.x through 1.39.x before 1.39.5 Wikibase extension for MediaWiki versions 1.40.x before 1.40.1 Description: The issue is related to the...