EUVD-2023-41206

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-37302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in SiteLinksView.php in Wikibase in MediaWiki through 1.39.3. There is XSS via a crafted badge title attribute. This is also related to...

CVE-2025-53010

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

CVE-2025-53011

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

CVE-2025-53012

MaterialX 1.39.2 contains a stack-exhaustion vulnerability in its import processing due to no limit on import chain depth. Nested file imports trigger recursion without depth restrictions, allowing an attacker to crash or stall a process parsing MaterialX files. The issue is fixed in MaterialX 1....

CVE-2025-53012 MaterialX's Lack of Import Depth Limit Leads to DoS (Denial-Of-Service) Via Stack Exhaustion

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, nested imports of MaterialX files can lead to a crash via stack memory exhaustion, due to the lack of a limit on the "import chain" depth. When parsin...

CVE-2025-53010 MaterialX's unchecked nodeGraph->getOutput return is vulnerable to NULL Pointer Dereference

MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. In version 1.39.2, when parsing shader nodes in a MTLX file, the MaterialXCore code accesses a potentially null pointer, which can lead to crashes with maliciously craft...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the XML parsing process. An attacker can cause a crash by providing a specially crafted MTLX file with deeply nested nodegraph elements, leading to stack exhaustion during recursive parsing. Remediation...

PT-2025-31591 · Materialx · Materialx

Name of the Vulnerable Software and Affected Versions: MaterialX versions prior to 1.39.3 Description: MaterialX is an open standard for the exchange of rich material and look-development content across applications and renderers. When parsing shader nodes in a MTLX file, the MaterialXCore code...

CVE-2023-37304

An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki version 1.39.3 and earlier versions, which stems fro...

CVE-2023-37305

An issue was discovered in the ProofreadPage aka Proofread Page extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandler.php and includes/Page/PageDisplayHandler.php, hidden users can be exposed via public interfaces...

UBUNTU-CVE-2023-37300

An issue was discovered in the CheckUserLog API in the CheckUser extension for MediaWiki through 1.39.3. There is incorrect access control for visibility of hidden users...

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.39.3 and earlier versions, which stems from the fa...

MediaWiki 安全漏洞

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.CheckUser extension is one of the user information checking extensions. A security vulnerability...

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A security vulnerability exists in MediaWiki 1.39.3 and earlier versions that stems from not usin...

PT-2023-25896 · Mediawiki +1 · Mediawiki Proofreadpage Extension +1

Name of the Vulnerable Software and Affected Versions: MediaWiki ProofreadPage extension versions through 1.39.3 Description: An issue in the ProofreadPage extension for MediaWiki allows hidden users to be exposed via public interfaces, specifically in the includes/Page/PageContentHandler.php and...

PT-2023-25894 · Mediawiki +1 · Mediawiki Checkuser Extension +1

Name of the Vulnerable Software and Affected Versions: CheckUser extension for MediaWiki versions through 1.39.3 Description: An issue was discovered in certain situations where an attempt to block a user fails after a temporary browser hang and a DBQueryDisconnectedError error message...

PT-2023-25892 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.39.3 Description: An issue was discovered in SubmitEntityAction in Wikibase. Because it doesn't use EditEntity for undo and restore, the intended interaction with AbuseFilter does not occur. Recommendations: For...

PT-2023-25895 · Mediawiki +1 · Doublewiki Extension +2

Name of the Vulnerable Software and Affected Versions: MediaWiki DoubleWiki extension versions through 1.39.3 Description: An issue was discovered in the DoubleWiki extension for MediaWiki that allows XSS via the column alignment feature in includes/DoubleWiki.php. Recommendations: For MediaWiki...