37 matches found
EUVD-2022-34961
Malicious code in bioql PyPI...
EUVD-2023-40617
Malicious code in bioql PyPI...
BIT-MEDIAWIKI-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
Fedora 39 : mediawiki (2023-7e9d6015f6)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-7e9d6015f6 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...
Fedora 38 : mediawiki (2023-1fcaba0998)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1fcaba0998 advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...
Fedora 37 : mediawiki (2023-d8ae3c122e)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-d8ae3c122e advisory. https://lists.wikimedia.org/hyperkitty/list/mediawiki- [email protected]/thread/H46H5ZYZG2PYUQ5STK7NWKF7GXYW7H6B/ Tenable has extracted t...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
DEBIAN-CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
UBUNTU-CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
Design/Logic Flaw
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
CVE-2023-36674
Summary: CVE-2023-36674 affects MediaWiki prior to certain fixed versions. The issue allows bypass of the Bad image list (badFile) by abusing the thumb parameter (Manualthumb) in the File syntax. Affected versions (per sources): MediaWiki before 1.35.11; 1.36.x through 1.38.x before 1.38.7; 1.39....
CVE-2023-36674
An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list aka badFile by using the thumb parameter aka Manualthumb of the File syntax...
PT-2023-25673 · Mediawiki +1 · Mediawiki +1
Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.11 MediaWiki versions 1.36.x through 1.38.x before 1.38.7 MediaWiki versions 1.39.x before 1.39.4 MediaWiki versions 1.40.x before 1.40.1 Description: An issue was discovered in MediaWiki. It is possible to...
FreeBSD : mediawiki -- multiple vulnerabilities (95dad123-180e-11ee-86ba-080027eda32c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 95dad123-180e-11ee-86ba-080027eda32c advisory. - guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Affected versions are...
SUSE CVE-2017-18252
An issue was discovered in ImageMagick 7.0.7. The MogrifyImageList function in MagickWand/mogrify.c allows attackers to cause a denial of service assertion failure and application exit in ReplaceImageInList via a crafted file...