Lucene search
K

153 matches found

Tenable Nessus
Tenable Nessus
added 2019/10/18 12:0 a.m.30 views

RHEL 7 : OpenShift Container Platform 3.11 mediawiki (RHSA-2019:3142)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3142 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...

6.5CVSS6.1AI score0.01932EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.22 views

Fedora 29 : mediawiki (2018-f4b65fc7cd)

https://www.mediawiki.org/wiki/Releasenotes/1.29MediaWiki1.29.3 - T169545, CVE-2018-0503 SECURITY: $wgRateLimits entry for 'user' overrides 'newbie'. - T194605, CVE-2018-0505 SECURITY: BotPasswords can bypass CentralAuth's account lock. - T180551 Fix LanguageSrTest for language converter - T18055...

6.5CVSS6AI score0.02797EPSS
Exploits1References4
Mageia
Mageia
added 2018/11/03 11:55 a.m.29 views

Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: '$wgRateLimits' entry for 'user' overrides 'newbie' CVE-2018-0503. When a log event is partially hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information CVE-2018-0504. BotPasswords can bypass CentralAuth's...

6.5CVSS1.8AI score0.02797EPSS
Exploits1References2
OSV
OSV
added 2018/11/03 11:55 a.m.6 views

MGASA-2018-0433 Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: '$wgRateLimits' entry for 'user' overrides 'newbie' CVE-2018-0503. When a log event is partially hidden Special:Redirect/logid can link to the incorrect log and reveal hidden information CVE-2018-0504. BotPasswords can bypass CentralAuth's...

6.5CVSS5.3AI score0.02797EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/10/05 12:0 a.m.27 views

MediaWiki Multiple Vulnerabilities (Sep 2018) - Linux

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; if...

6.5CVSS5.6AI score0.02797EPSS
Exploits1References1
OSV
OSV
added 2018/10/04 8:29 p.m.4 views

UBUNTU-CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS6.4AI score0.01932EPSS
Exploits1References4
OSV
OSV
added 2018/10/04 8:29 p.m.1 views

DEBIAN-CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS5.8AI score0.01932EPSS
Exploits1References1
Prion
Prion
added 2018/10/04 8:29 p.m.21 views

Design/Logic Flaw

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

4CVSS6.3AI score0.01932EPSS
Exploits1References7Affected Software2
UbuntuCve
UbuntuCve
added 2018/10/04 8:29 p.m.21 views

CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS6.5AI score0.01932EPSS
Exploits1References3
OSV
OSV
added 2018/10/04 8:29 p.m.16 views

CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS6.7AI score
Exploits0References7
Debian CVE
Debian CVE
added 2018/10/04 8:0 p.m.29 views

CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS6.5AI score0.01932EPSS
Exploits1
Cvelist
Cvelist
added 2018/10/04 8:0 p.m.29 views

CVE-2018-0505 BotPasswords can bypass CentralAuth's account lock

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.3AI score0.01932EPSS
Exploits1References7
CVE
CVE
added 2018/10/04 8:0 p.m.113 views

CVE-2018-0505

MediaWiki prior to versions 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains CVE-2018-0505: BotPasswords can bypass CentralAuth’s account lock. The issue enables bypassing access restrictions. Vendors/maintainers document upstream fix in 1.31.1; Arch Fedora advisories confirm upgrade to 1.31.1-1 is the...

6.5CVSS5.7AI score0.01932EPSS
Exploits1References7Affected Software1
RedhatCVE
RedhatCVE
added 2018/09/28 8:50 p.m.24 views

CVE-2018-0505

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...

6.5CVSS3.6AI score0.01932EPSS
Exploits1References2
Friends Of PHP
Friends Of PHP
added 2018/09/20 6:59 p.m.20 views

BotPassword can bypass CentralAuth's account lock

More info at https://phabricator.wikimedia.org/T194605...

6.5CVSS6.7AI score0.01932EPSS
Exploits1Affected Software1
NVD
NVD
added 2014/06/02 3:55 p.m.20 views

CVE-2012-5395

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauthSession cookie...

6.8CVSS6.7AI score0.01161EPSS
Exploits0References2
Prion
Prion
added 2014/06/02 3:55 p.m.13 views

Session fixation

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauthSession cookie...

6.8CVSS7.2AI score0.01161EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2014/06/02 3:0 p.m.22 views

CVE-2012-5395

Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centralauthSession cookie...

6.7AI score0.01161EPSS
Exploits0References2
CVE
CVE
added 2014/06/02 3:0 p.m.54 views

CVE-2012-5395

CVE-2012-5395 affects MediaWiki with the CentralAuth extension; vulnerable centralauth_Session cookie handling allows remote attackers to hijack sessions. Affected versions are MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1. Root cause is session fixation via CentralAuth,...

6.8CVSS6.9AI score0.01161EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/02/06 12:0 a.m.55 views

MediaWiki < 1.19.10 / 1.21.4 / 1.22.1 Multiple Vulnerabilities

According to its version number, the instance of MediaWiki running on the remote host is affected by the following vulnerabilities : - Escape sequences are not properly sanitized when passed to the 'Sanitizer::checkCss' class, which allows a remote attacker to conduct cross-site scripting attacks...

7.5CVSS7.7AI score0.01748EPSS
Exploits0References14
Rows per page
Query Builder