Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-40617

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00737EPSS
Exploits0References7
OSV
OSV
added 2024/03/06 11:1 a.m.26 views

BIT-MEDIAWIKI-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS5.7AI score0.00737EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.21 views

Fedora 39 : mediawiki (2023-7e9d6015f6)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7e9d6015f6 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...

6.1CVSS5.5AI score0.00829EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/09/02 12:0 a.m.33 views

Fedora 37 : mediawiki (2023-d8ae3c122e)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d8ae3c122e advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...

6.1CVSS5.5AI score0.00829EPSS
Exploits1References3
NVD
NVD
added 2023/08/20 6:15 p.m.24 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS5.7AI score0.00737EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2023/08/20 6:15 p.m.4 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS6AI score0.00737EPSS
Exploits0References8
OSV
OSV
added 2023/08/20 6:15 p.m.1 views

DEBIAN-CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS5.5AI score0.00737EPSS
Exploits0References1
Prion
Prion
added 2023/08/20 6:15 p.m.23 views

Design/Logic Flaw

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5CVSS5.7AI score0.00737EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2023/08/20 6:15 p.m.39 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS6.1AI score0.00737EPSS
Exploits0References3
OSV
OSV
added 2023/08/20 6:15 p.m.8 views

UBUNTU-CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS5.8AI score0.00737EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2023/08/20 12:0 a.m.46 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

5.3CVSS5.2AI score0.00737EPSS
Exploits0
CVE
CVE
added 2023/08/20 12:0 a.m.85 views

CVE-2023-36674

Summary: CVE-2023-36674 affects MediaWiki prior to certain fixed versions. The issue allows bypass of the Bad image list (badFile) by abusing the thumb parameter (Manualthumb) in the File syntax. Affected versions (per sources): MediaWiki before 1.35.11; 1.36.x through 1.38.x before 1.38.7; 1.39....

5.3CVSS5.6AI score0.00737EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/20 12:0 a.m.26 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

7.1AI score0.00737EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/08/20 12:0 a.m.35 views

CVE-2023-36674

An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...

6.1AI score0.00737EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/05 12:0 a.m.5 views

PT-2023-25673 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.11 MediaWiki versions 1.36.x through 1.38.x before 1.38.7 MediaWiki versions 1.39.x before 1.39.4 MediaWiki versions 1.40.x before 1.40.1 Description: An issue was discovered in MediaWiki. It is possible to...

9.8CVSS6AI score0.22699EPSS
Exploits27References120
Tenable Nessus
Tenable Nessus
added 2023/07/01 12:0 a.m.44 views

FreeBSD : mediawiki -- multiple vulnerabilities (95dad123-180e-11ee-86ba-080027eda32c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 95dad123-180e-11ee-86ba-080027eda32c advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...

7.5CVSS6AI score0.01216EPSS
Exploits1References5
Rows per page
Query Builder