Linux Distros Unpatched Vulnerability : CVE-2020-25813

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. CVE-2020-25813 Note that Nessus...

CVE-2023-29134

An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. There is mishandling of backticks to smartSplit...

EUVD-2021-18442

Malware in sbrugna...

EUVD-2019-8342

Malware in sbrugna...

EUVD-2021-18449

Malware in sbrugna...

EUVD-2023-41207

Malicious code in bioql PyPI...

EUVD-2022-32660

Malicious code in bioql PyPI...

EUVD-2022-32663

Malicious code in bioql PyPI...

EUVD-2022-32775

Malicious code in bioql PyPI...

EUVD-2023-32740

Malicious code in bioql PyPI...

EUVD-2021-31660

Malicious code in bioql PyPI...

EUVD-2023-40617

Malicious code in bioql PyPI...

CVE-2024-23177

An issue was discovered in the WatchAnalytics extension in MediaWiki before 1.40.2. XSS can occur via the Special:PageStatistics page parameter...

CVE-2022-28209

An issue was discovered in Mediawiki through 1.37.1. The check for the override-antispoof permission in the AntiSpoof extension is incorrect...

CVE-2022-28205

An issue was discovered in MediaWiki through 1.37.1. The CentralAuth extension mishandles a ttl issue for groups expiring in the future...

CVE-2022-34750

An issue was discovered in MediaWiki through 1.38.1. The lemma length of a Wikibase lexeme is currently capped at a thousand characters. Unfortunately, this length is not validated, allowing much larger lexemes to be created, which introduces various denial-of-service attack vectors within the...

CVE-2021-36126

An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36. If the MediaWiki:Abusefilter-blocker message is invalid within the content language, the filter user falls back to the English version, but that English version could also be invalid on a wiki. This would result in a...

CVE-2021-36125

An issue was discovered in the CentralAuth extension in MediaWiki through 1.36. The Special:GlobalRenameRequest page is vulnerable to infinite loops and denial of service attacks when a user's current username is beyond an arbitrary maximum configuration value MaxNameChars...

CVE-2021-42045

An issue was discovered in SecurePoll in the Growth extension in MediaWiki through 1.36.2. Simple polls allow users to create alerts by changing their User-Agent HTTP header and submitting a vote...

CVE-2025-32696 "reupload-own" restriction can be bypassed by reverting file

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/actions/RevertAction.Php, includes/api/ApiFileRevert.Php. This issue affects MediaWiki: before 1.39.12, 1.42.6, 1.43.1...