Skip to main content
CVE-2013-4304 HIGH POC PATCH This Week

The CentralAuth extension for MediaWiki 1.19.x before 1.19.8, 1.20.x before 1.20.7, and 1.21.x before 1.21.2 caches a valid CentralAuthUser object in the centralauth_User cookie even when a user has. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Centralauth Extension Mediawiki
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2014-1666 HIGH PATCH This Week

The do_physdev_op function in Xen 4.1.5, 4.1.6.1, 4.2.2 through 4.2.3, and 4.3.x does not properly restrict access to the (1) PHYSDEVOP_prepare_msix and (2) PHYSDEVOP_release_msix operations, which. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity.

Privilege Escalation Denial Of Service Xen
NVD
CVSS 2.0
8.3
EPSS
3.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy