Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-21047

Malicious code in bioql PyPI...

8.7CVSS6.3AI score0.00447EPSS
Exploits0References3
CVE
CVE
added 2025/07/10 6:31 p.m.25 views

CVE-2025-53625

The CVE-2025-53625 entry concerns the DynamicPageList3 extension for MediaWiki. Several #dpl parameters can leak usernames that were hidden via revision deletion, suppression, or the hideuser block flag. The issue affects DynamicPageList3 prior to version 3.6.4 and is addressed by upgrading to 3....

8.7CVSS6.6AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2025/07/10 1:10 p.m.4 views

GHSA-7PGW-Q3QP-6PGQ DynamicPageList3 vulnerability exposes hidden/suppressed usernames

Summary Several dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. Details The parameters adduser, addauthor, and addlasteditor output the page creator or last editor using the %USER% placeholder. These display the actual...

8.7CVSS6.2AI score0.00447EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/07/10 1:10 p.m.8 views

DynamicPageList3 vulnerability exposes hidden/suppressed usernames

Summary Several dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. Details The parameters adduser, addauthor, and addlasteditor output the page creator or last editor using the %USER% placeholder. These display the actual...

8.7CVSS7.2AI score0.00447EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 11:52 p.m.7 views

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4.3CVSS6.7AI score0.00573EPSS
Exploits1References1
OSV
OSV
added 2023/05/29 9:15 p.m.1 views

UBUNTU-CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

4.3CVSS5.7AI score0.00573EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/29 12:0 a.m.4 views

PT-2023-14033 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.8 MediaWiki versions 1.36.x through 1.37.4 MediaWiki versions 1.38.x through 1.38.2 Description: An issue was discovered in MediaWiki where the alreadyrolled message can leak a user name upon an action=rollbac...

9.8CVSS5.9AI score0.22699EPSS
Exploits27References104
RedhatCVE
RedhatCVE
added 2020/12/18 5:9 p.m.22 views

CVE-2020-35477

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox or a tags checkbox next to it, there i...

5.3CVSS3.4AI score0.01512EPSS
Exploits1References4
OSV
OSV
added 2020/12/18 8:15 a.m.1 views

DEBIAN-CVE-2020-35477

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox or a tags checkbox next to it, there i...

5.3CVSS6AI score0.01512EPSS
Exploits1References1
OSV
OSV
added 2020/12/18 8:15 a.m.2 views

UBUNTU-CVE-2020-35477

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggles the "Change visibility of selected log entries" checkbox or a tags checkbox next to it, there i...

5.3CVSS7.1AI score0.01512EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2018/10/01 12:0 a.m.4 views

PT-2018-3640 · Wikimedia +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.1 Description: The issue is related to a lack of input validation mechanism in MediaWiki, which can be exploited by a remote attacker to impact data integrity. Specifically, when MediaWiki:Mainpage is set to...

7.5CVSS5.1AI score0.01573EPSS
Exploits5References52
OSV
OSV
added 2017/04/20 5:59 p.m.1 views

DEBIAN-CVE-2016-6336

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete...

6.5CVSS7AI score0.00962EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2017/04/20 5:0 p.m.22 views

CVE-2016-6336

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote authenticated users with undelete permissions to bypass intended suppressrevision and deleterevision restrictions and remove the revision deletion status of arbitrary file revisions by using Special:Undelete...

6.5CVSS6.8AI score0.00962EPSS
Exploits0
Rows per page
Query Builder