75 matches found
CVE-2026-22910
The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system...
CVE-2026-22910
The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system...
EUVD-2020-23151
Malware in sbrugna...
EUVD-2023-1399
Malicious code in bioql PyPI...
EUVD-2023-41205
Malicious code in bioql PyPI...
EUVD-2022-44936
Malicious code in bioql PyPI...
EUVD-2022-3508
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-37300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of...
Linux Distros Unpatched Vulnerability : CVE-2022-41765
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. HTMLUserTextField exposes the existence of hidden...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
BIT-MEDIAWIKI-2020-25813
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users...
BIT-MEDIAWIKI-2020-35480
An issue was discovered in MediaWiki before 1.35.1. Missing users accounts that don't exist and hidden users accounts that have been explicitly hidden due to being abusive, or similar that the viewer cannot see are handled differently, exposing sensitive information about the hidden status to...
BIT-MEDIAWIKI-2022-41765
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. HTMLUserTextField exposes the existence of hidden users...
BIT-MEDIAWIKI-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-45369
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed...
Design/Logic Flaw
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed...
CVE-2023-45369
An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed...
Information Disclosure
mediawiki/proofread-page is vulnerable to Information Disclosure. The vulnerability exists due to the lack of user permission validation in PageDisplayHandler.php and PageContentHandler.php, which allows an attacker to discover hidden users in the system...
CVE-2023-37305
An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...
CVE-2023-37300
An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users...