12 matches found

Tenable Nessus
added 2026/06/14 12:0 a.m. | 14 views

openSUSE 16 Security Update : mariadb (openSUSE-SU-2026:20933-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20933-1 advisory. This update for mariadb fixes the following issues Update to 11.8.8: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. -...

CVSS: 10 | AI score: 7.3 | EPSS: 0.00703
Exploits: 1 | References: 36

OSV
added 2026/06/05 12:16 p.m. | 5 views

SUSE-SU-2026:2284-1 Security update for mariadb

This update for mariadb fixes the following issues: - CVE-2026-3494: audit plugin comment handling bypass bsc1259176. - CVE-2026-34303: mysql: optimizer unspecified vulnerability bsc1266435. - CVE-2026-44168: wsrep SST unsafe parameter handling on the donor side bsc1266442. - CVE-2026-44170:...

CVSS: 10 | AI score: 7.2 | EPSS: 0.00703
Exploits: 1 | References: 21

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2015-5032

Malware in sbrugna...

CVSS: 5 | AI score: 6.4 | EPSS: 0.02064
Exploits: 0 | References: 4

BDU FSTEC
added 2024/04/09 12:0 a.m. | 6 views

A vulnerability in the CheckUser extension for MediaWiki allows an attacker to cause a denial of service.

The vulnerability in the CheckUser extension for MediaWiki relates to the URL rest.php/checkuser/v0/useragentclienthints/revision/, which can be used to store any number of rows in cuuseragentclienthints. Exploiting this vulnerability could allow a maliciou...

CVSS: 6.8 | AI score: 6.5 | EPSS: 0.00543
Exploits: 1 | References: 3 | Affected Software: 2

ATTACKERKB
added 2023/10/09 5:15 a.m. | 4 views

CVE-2023-45367

An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cuuseragentclienthints, leading to a...

CVSS: 6.5 | AI score: 6.7 | EPSS: 0.00543
Exploits: 1 | References: 2

CNNVD
added 2023/10/09 12:0 a.m. | 5 views

MediaWiki Security Breach

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki suffers from a security vulnerability that stems from a CheckUser extension user can...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00543
Exploits: 1 | References: 2

Exploit DB
added 2021/10/05 12:0 a.m. | 363 views

Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload

Exploit Title: Wordpress Plugin MStore API 2.0.6 - Arbitrary File Upload Google Dork: inurl:/wp-content/plugins/mstore-api/ Date: 22/09/2021 Exploit Author: spacehen Vendor Homepage: https://wordpress.org/plugins/mstore-api/ Version: 2.0.6, possibly higher Tested on: Ubuntu 20.04.1 import os.path...

AI score: 7.4
Exploits: 0

Atlassian
added 2018/12/20 1:10 a.m. | 31 views

On error at /rest/ stack-trace is publicly visible

Summary: On Confluence server 6.12.2 requesting wrong REST URL /rest/cql/contenttypes?category=test we will see full stack-trace. The same we can see at https://confluence.atlassian.com/rest/cql/contenttypes?category=test On production, a regular user should not see the stack-trace when an err...

AI score: 0.3
Exploits: 0

NVD
added 2015/11/08 10:59 p.m. | 15 views

CVE-2015-5015

IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to obtain sensitive information via a crafted REST URL...

CVSS: 5 | AI score: 5.9 | EPSS: 0.02064
Exploits: 0 | References: 3

Prion
added 2015/11/08 10:59 p.m. | 12 views

Information disclosure

IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to obtain sensitive information via a crafted REST URL...

CVSS: 5 | AI score: 6.4 | EPSS: 0.02064
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2015/11/08 10:0 p.m. | 53 views

CVE-2015-5015

CVE-2015-5015 affects IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x prior to Feature Pack 8. A remote attacker can obtain sensitive information via a crafted REST URL, indicating an information-disclosure vulnerability in the REST API surface. The root cause is an improper handling of REST UR...

CVSS: 5 | AI score: 6.1 | EPSS: 0.02064
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2011/12/16 11:0 a.m. | 24 views

CVE-2011-4727

The Server Administration Panel in Parallels Plesk Panel 10.2.0build1011110331.18 does not properly validate string data that is intended for storage in an XML document, which allows remote attackers to cause a denial of service parsing error or possibly have unspecified other impact via a crafte...

AI score: 7.5 | EPSS: 0.02004
Exploits: 0 | References: 2