Lucene search
K

8 matches found

Cvelist
Cvelist
added 2026/02/02 10:55 p.m.28 views

CVE-2025-6927 Autoblocks from global account suppressions are publicly visible

Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/specials/pagers/BlockListPager.Php, includes/api/ApiQueryBlocks.Php. This issue affects MediaWiki: from = 1.42.0 before 1.39.13, 1.42.7 1.43.2, 1.44.0...

2.3CVSS0.00454EPSS
Exploits0References1
CVE
CVE
added 2026/02/02 10:55 p.m.39 views

CVE-2025-6927

CVE-2025-6927 affects Wikimedia Foundation MediaWiki components BlockListPager.Php and ApiQueryBlocks.Php, enabling information exposure via autoblocks/global suppressions. Affected versions include MediaWiki core releases 1.42.x prior to 1.39.13, 1.42.7–1.43.2, and 1.44.0; remediation is to upgr...

2.3CVSS5.3AI score0.00454EPSS
Exploits0References1
Veracode
Veracode
added 2025/08/07 12:37 p.m.4 views

Sensitive Information Disclosure

Opencast is vulnerable to Sensitive Information Disclosure. The vulnerability is due to exposure of hashed credentials due to incorrect handling of global system account credentials when fetching mediapackage elements, allowing attackers with ingest permissions to exfiltrate them to an external U...

6.5CVSS6AI score0.00353EPSS
Exploits0References6Affected Software4
Vulnrichment
Vulnrichment
added 2025/07/26 3:28 a.m.3 views

CVE-2025-54380 Opencast still publishes global system account credentials

Opencast is a free, open-source platform to support the management of educational audio and video content. Prior to version 17.6, Opencast would incorrectly send the hashed global system account credentials ie: org.opencastproject.security.digest.user and org.opencastproject.security.digest.pass...

6.5CVSS6AI score0.00353EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/26 12:0 a.m.4 views

Opencast 安全漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast versions prior to 17.6 that stems from incorrectly sending hashed global system account credentials, which cou...

6.5CVSS6.3AI score0.00353EPSS
Exploits0References5
Veracode
Veracode
added 2023/10/31 6:24 a.m.20 views

Authentication Bypass

github.com/nats-io/nats-server is vulnerable to Authentication Bypass. The vulnerability is due to configureAccounts function in server.go which allows the creation of a no-authenticated user for the global account. This potentially leads an attacker to unauthorized access to the global account...

6.5CVSS7AI score0.00662EPSS
Exploits0References5Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/10/24 12:0 a.m.6 views

Fedora 38 : nats-server (2023-c33188f575)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-c33188f575 advisory. Without any authorization rules in the nats-server, users can connect without authentication. Before nats-server 2.2.0, all authentication and authorization...

5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.7 views

PT-2023-30299 · Nats +1 · Nats Nats-Server +1

Name of the Vulnerable Software and Affected Versions: NATS nats-server versions 2.2.0 through 2.9.22 NATS nats-server versions 2.10.0 through 2.10.1 Description: The issue is related to an authentication bypass in NATS nats-server. An implicit $G user in an authorization block can sometimes be...

6.5CVSS6.5AI score0.00662EPSS
Exploits0References27
Rows per page
Query Builder