Vulnerabilities > Mediawiki > Mediawiki > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-06-30 CVE-2023-37303 Unspecified vulnerability in Mediawiki
An issue was discovered in the CheckUser extension for MediaWiki through 1.39.3.
network
low complexity
mediawiki
critical
 9.8
9.8
2023-03-31 CVE-2023-29141 An issue was discovered in MediaWiki before 1.35.10, 1.36.x through 1.38.x before 1.38.6, and 1.39.x before 1.39.3.
network
low complexity
mediawiki fedoraproject
critical
 9.8
9.8
2022-04-29 CVE-2022-29906 Missing Authorization vulnerability in Mediawiki
The admin API module in the QuizGame extension for MediaWiki through 1.37.2 (before 665e33a68f6fa1167df99c0aa18ed0157cdf9f66) omits a check for the quizadmin user.
network
low complexity
mediawiki CWE-862
critical
 9.8
9.8
2022-04-29 CVE-2022-29904 SQL Injection vulnerability in Mediawiki
The SemanticDrilldown extension for MediaWiki through 1.37.2 (before e688bdba6434591b5dff689a45e4d53459954773) allows SQL injection with certain '-' and '_' constraints.
network
low complexity
mediawiki CWE-89
critical
 9.8
9.8
2022-03-30 CVE-2022-28209 Unspecified vulnerability in Mediawiki
An issue was discovered in Mediawiki through 1.37.1.
network
low complexity
mediawiki
critical
 9.8
9.8
2022-03-30 CVE-2022-28206 Unspecified vulnerability in Mediawiki
An issue was discovered in MediaWiki through 1.37.1.
network
low complexity
mediawiki
critical
 9.8
9.8
2022-03-30 CVE-2022-28205 Unspecified vulnerability in Mediawiki
An issue was discovered in MediaWiki through 1.37.1.
network
low complexity
mediawiki
critical
 9.8
9.8
2021-08-12 CVE-2021-31556 Improper Validation of Specified Quantity in Input vulnerability in multiple products
An issue was discovered in the Oauth extension for MediaWiki through 1.35.2.
network
low complexity
mediawiki fedoraproject CWE-1284
critical
 9.8
9.8
2021-07-02 CVE-2021-36128 Improper Handling of Exceptional Conditions vulnerability in Mediawiki
An issue was discovered in the CentralAuth extension in MediaWiki through 1.36.
network
low complexity
mediawiki CWE-755
critical
 9.8
9.8
2021-07-02 CVE-2021-36126 Unspecified vulnerability in Mediawiki
An issue was discovered in the AbuseFilter extension in MediaWiki through 1.36.
network
low complexity
mediawiki
critical
 9.8
9.8