Search CVE reports


Toggle filters

181 – 190 of 345 results


CVE-2019-18611

Medium priority
Ignored

An issue was discovered in the CheckUser extension through 1.34 for MediaWiki. Certain sensitive information within oversighted edit summaries made available via the MediaWiki API was potentially visible to users with various...

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Not affected
Show less packages

CVE-2012-0046

Medium priority
Ignored

mediawiki allows deleted text to be exposed

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki
Show less packages

CVE-2019-16738

Medium priority
Vulnerable

In MediaWiki through 1.33.0, Special:Redirect allows information disclosure of suppressed usernames via a User ID Lookup.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2019-12470

Medium priority

Some fixes available 14 of 17

Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12469

Medium priority

Some fixes available 14 of 17

MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12474

Medium priority

Some fixes available 14 of 17

Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Privileged API responses that include whether a recent change has been patrolled may be cached publicly. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12473

Medium priority

Some fixes available 14 of 17

Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing invalid titles to the API could cause a DoS by querying the entire watchlist table. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12472

Medium priority

Some fixes available 14 of 17

An Incorrect Access Control vulnerability was found in Wikimedia MediaWiki 1.18.0 through 1.32.1. It is possible to bypass the limits on IP range blocks ($wgBlockCIDRLimit) by using the API. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12471

Medium priority

Some fixes available 14 of 17

Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaScript from a non-existent account allows anyone to create the account, and perform XSS on users loading that script. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2019-12466

Medium priority

Some fixes available 14 of 17

Wikimedia MediaWiki through 1.32.1 allows CSRF.

1 affected package

mediawiki

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
mediawiki Fixed Fixed Fixed Fixed Vulnerable
Show less packages