Lucene search
+L

7 matches found

osv
osv
added 2026/05/31 10:0 p.m.2 views

CVE-2026-10197 Assimp TF File glTF2Importer.cpp ImportEmbeddedTextures null pointer dereference

A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The manipulation results in null pointer dereference. The attack is only possible with local...

4.8CVSS5.4AI score0.00115EPSS
Exploits0References10
redhatcve
redhatcve
added 2025/05/22 8:35 p.m.4 views

CVE-2021-36132

An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations specifically fil...

8.8CVSS7.2AI score0.01021EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2022/03/30 12:0 a.m.3 views

PT-2022-18875 · Mediawiki +1 · Mediawiki +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.37.1 Description: An issue was discovered in the ImportPlanValidator.php file of the FileImporter extension, where it mishandles the check for edit rights. Recommendations: For MediaWiki versions through 1.37.1,...

9.8CVSS6AI score0.01439EPSS
Exploits5References21
ptsecurity
ptsecurity
added 2021/06/12 12:0 a.m.5 views

PT-2021-21129 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.36 Description: An issue was discovered in the FileImporter extension. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus...

9.8CVSS6.2AI score0.03832EPSS
Exploits18References75
redhatcve
redhatcve
added 2020/12/02 6:47 p.m.24 views

CVE-2020-26121

An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload...

7.5CVSS4.1AI score0.01277EPSS
Exploits0References4
cnvd
cnvd
added 2020/11/04 12:0 a.m.8 views

MediaWiki suffers from an unspecified vulnerability (CNVD-2021-38683)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.35.0, which stems from...

4.3CVSS6.6AI score0.007EPSS
Exploits1References1
ptsecurity
ptsecurity
added 2020/09/27 12:0 a.m.6 views

PT-2020-16300 · Wikimedia +1 · Fileimporter Extension +2

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.34.4 FileImporter extension for MediaWiki versions prior to 1.34.4 Description: An issue in the FileImporter extension allows an attacker to import a file into a protected page, bypassing "page creation"...

9.8CVSS5.8AI score0.04098EPSS
Exploits6References43
Rows per page
Query Builder