Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (447 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2013-1816 4 Debian, Fedoraproject, Mediawiki and 1 more 4 Debian Linux, Fedora, Mediawiki and 1 more 2024-11-21 7.5 High
MediaWiki before 1.19.4 and 1.20.x before 1.20.3 allows remote attackers to cause a denial of service (application crash) by sending a specially crafted request.
CVE-2012-4381 1 Mediawiki 1 Mediawiki 2024-11-21 8.1 High
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.
CVE-2012-0046 1 Mediawiki 1 Mediawiki 2024-11-21 7.5 High
mediawiki allows deleted text to be exposed
CVE-2024-47846 2 Mediawiki, Wikimedia 2 Cargo, Mediawiki-cargo 2024-10-16 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
CVE-2024-47847 2 Mediawiki, Wikimedia 2 Cargo, Mediawiki-cargo 2024-10-16 6.1 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross-Site Scripting (XSS).This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
CVE-2024-47849 2 Mediawiki, Wikimedia 2 Cargo, Mediawiki-cargo 2024-10-16 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection.This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1.
CVE-2023-45359 1 Mediawiki 1 Vector Skin 2024-10-10 6.5 Medium
An issue was discovered in the Vector Skin component for MediaWiki before 1.39.5 and 1.40.x before 1.40.1. vector-toc-toggle-button-label is not escaped, but should be, because the line param can have markup.