Improperly Controlled Modification of Dynamically-Determined Object Attributes

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Improperly Controlled Modification of...

CVE-2025-67479 Magic word replacement in legacy parser allows using reserved data attributes through wikitext

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...

CVE-2025-67479 Magic word replacement in legacy parser allows using reserved data attributes through wikitext

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Cite. This vulnerability is associated with program files includes/Parser/CoreParserFunctions.Php, includes/Parser/Sanitizer.Php. This issue affects MediaWiki: from before 1.39.14, 1.43.4, 1.44.1; Cite: from before 1.39.14,...

CVE-2025-67479

CVE-2025-67479 is a MediaWiki vulnerability (Cite context) involving magic word replacement in the legacy parser that allows using reserved data attributes via wikitext. Affected are MediaWiki releases before 1.39.14, 1.43.4, and 1.44.1; Cite module is also listed as affected. Debian LTS advisory...

SUSE CVE-2023-37443

Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the...