Improper Cleanup on Thrown Exception

Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception when cleaning up tmp files. Temporary storage can be exhausted during the scanning process by an attacker providing large or highly compressed artifacts, leading to the accumulation of temporary file...

Improper Cleanup on Thrown Exception

Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception when cleaning up tmp files. Temporary storage can be exhausted during the scanning process by an attacker providing large or highly compressed artifacts, leading to the accumulation of temporary file...

Improper Cleanup on Thrown Exception

Overview Affected versions of this package are vulnerable to Improper Cleanup on Thrown Exception when cleaning up tmp files. Temporary storage can be exhausted during the scanning process by an attacker providing large or highly compressed artifacts, leading to the accumulation of temporary file...

OPENSUSE-SU-2026:10228-1 syft-1.42.1-1.1 on GA media

These are all security issues fixed in the syft-1.42.1-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-34158

Plex Media Server PMS 1.41.7.x through 1.42.0.x before 1.42.1 is affected by incorrect resource transfer between spheres because /myplex/account provides the credentials of the server owner and a /api/resources call reveals other servers accessible by that server owner...

CVE-2024-40601

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. CSRF can occur in API modules...

CVE-2024-40605

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-40599

An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-40600

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. There is stored XSS via MediaWiki:Sidebar top-level menu entries...

CVE-2024-40596

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special:Investigate feature can expose suppressed information for log events. TimelineService does not support properly suppressing...

CVE-2025-1755

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules\. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

CVE-2025-1755

MongoDB Compass (Windows) is affected by CVE-2025-1755: a local privilege escalation vulnerability when a crafted file is stored in C:\node_modules, affecting versions prior to 1.42.1. The condition described enables elevated-privilege actions on the user’s system. Several connected sources (incl...

CVE-2025-1755 MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

MongoDB Compass may be susceptible to local privilege escalation in Windows

MongoDB Compass may be susceptible to local privilege escalation under certain conditions potentially enabling unauthorized actions on a user's system with elevated privileges, when a crafted file is stored in C:\nodemodules. This issue affects MongoDB Compass prior to 1.42.1...

MongoDB Compass 代码问题漏洞

MongoDB Compass is a free interactive tool from MongoDB, Inc. for querying, optimizing, and analyzing MongoDB data. A code issue vulnerability exists in MongoDB Compass versions prior to 1.42.1 that stems from local elevation of privilege...

PT-2024-28938 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.42.1 Description: An issue was discovered in the Tempo skin for MediaWiki. There is stored XSS via MediaWiki:Sidebar top-level menu entries. Recommendations: For versions through 1.42.1, consider disabling the Tem...

PT-2024-28941 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.42.1 and earlier Description: An issue was discovered in the Foreground skin for MediaWiki. There is stored XSS via MediaWiki: Sidebar top-level menu entries. Recommendations: For MediaWiki versions 1.42.1 and earlier,...

PT-2024-28936 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki Metrolook skin versions through 1.42.1 Description: An issue was discovered in the Metrolook skin for MediaWiki, where there is stored XSS via MediaWiki:Sidebar top-level menu entries. Recommendations: For versions through 1.42.1,...

PT-2024-28934 · Mediawiki · Mediawiki Checkuser Extension

Name of the Vulnerable Software and Affected Versions: MediaWiki CheckUser extension versions through 1.42.1 Description: An issue was discovered in the CheckUser extension for MediaWiki. The API can expose suppressed information for log events, as the log deleted attribute is not applied to...