Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2017/03/29 12:0 a.m.30 views

MediaWiki Multiple Vulnerabilities (Dec 2015) - Windows

MediaWiki is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mediawiki:mediawiki"; ifdescripti...

9.8CVSS7AI score0.01888EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/03/23 8:59 p.m.10 views

CVE-2015-8624

The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant time before determining if a debugging message should be logged, which allows remote attackers to...

8.8CVSS7.2AI score0.00746EPSS
Exploits0References2
OSV
OSV
added 2017/03/23 8:59 p.m.6 views

CVE-2015-8624

The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant time before determining if a debugging message should be logged, which allows remote attackers to...

8.8CVSS8.6AI score
Exploits0References10
CVE
CVE
added 2017/03/23 8:0 p.m.49 views

CVE-2015-8624

The CVE-2015-8624 issue affects MediaWiki via User.php: the token comparison is not performed in constant time, enabling timing-based guessing of the edit token and bypass of CSRF protection. Affected versions are MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x be...

8.8CVSS8.4AI score0.00746EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2015/12/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2015-0486)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.01888EPSS
Exploits0References5
Rows per page
Query Builder