Filter
AND
-Infinity
0
Trending
npm/matrix-appservice-ircMatrix IRC Bridge allows IRC command injection to own puppeted user
4.3
EPSS
0.03%
First published (updated )
Matrix Hookshotmatrix-hookshot has a Potential Denial of Service when Hookshot is configured with GitHub support
6.5
EPSS
0.04%
First published (updated )
Matrix olmAn issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cac…
5.3
First published (updated )
Matrix olmAn issue was discovered in Matrix libolm through 3.2.16. Cache-timing attacks can occur due to use o…
5.3
First published (updated )
Matrix olmAn issue was discovered in Matrix libolm through 3.2.16. There is Ed25519 signature malleability due…
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/matrix-js-sdkA room with itself as a its predecessor will freeze matrix-js-sdk
5.3
First published (updated )
Red Hat FedoraSynapse vulnerable to leak of remote user device information
5.3
First published (updated )
Red Hat Fedoramatrix-synapse vulnerable to denial of service due to malicious server ACL events
4.9
First published (updated )
Red Hat FedoraImproper validation of receipts allows forged read receipts in matrix synapse
4.3
First published (updated )
npm/matrix-appservice-bridgematrix-appservice-bridge doesn't verify the sub parameter of an openId token exhange, allowing unauthorized access to provisioning APIs
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix SynapseURL deny list bypass via oEmbed and image URLs when generating previews in Synapse
5.4
First published (updated )
Matrix SynapseImproper checks for deactivated users during login in synapse
5.4
First published (updated )
Matrix SynapseSynapse Outgoing federation to specific hosts can be disabled by sending malicious invites
First published (updated )
Matrix SynapseSynapse Denial of service due to incorrect application of event authorization rules during state resolution
6.5
First published (updated )
Matrix SynapseSynapse does not apply enough checks to servers requesting auth events of events in a room
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix Javascript SDKmatrix-js-sdk vulnerable to invisible eavesdropping in group calls
5.3
First published (updated )
Matrix SynapseUncontrolled Resource Consumption in Matrix Synapse
6.5
First published (updated )
Matrix-appservice-bridgematrix-appservice-irc PgDataStore.ts sql injection
5.6
First published (updated )
Matrix Javascript SDKMatrix Javascript SDK improper beacon events can cause availability issues
5.3
First published (updated )
Matrix-appservice-bridgeIRC mode parameter confusion in matrix-appservice-irc
6.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Red Hat FedoraURL previews can crash Synapse media repositories or Synapse monoliths
6.5
First published (updated )
maven/org.matrix.android:matrix-android-sdk2A logic error in the room key sharing functionality of Element Android before 1.2.2 and matrix-andro…
5.9
First published (updated )
Matrix-appservice-bridgeAutomatic room upgrade handling can be used maliciously to bridge a room non-consentually
6.5
First published (updated )
pip/matrix-synapseDenial of service in Matrix Synapse
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix SydentMalicious users could control the content of invitation emails
5.7
First published (updated )
Matrix SydentDenial of service (via resource exhaustion) due to improper input validation
4.3
First published (updated )
pip/matrix-synapseOpen redirect via transitional IPv6 addresses on dual-stack networks
6.3
First published (updated )
pip/matrix-synapseDenial of service (via resource exhaustion) due to improper input validation on groups/communities endpoints
6.5
First published (updated )
pip/matrix-synapseDenial of service (via resource exhaustion) due to improper input validation on third-party identifier endpoints
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.