Filter
Software
matrix synapse
33
matrix javascript sdk
10
matrix sydent
7
matrix matrix irc bridge
6
matrix software development kit
4
matrix dendrite
2
matrix element
2
matrix libolm
2
matrix matrix-appservice-bridge
2
matrix gomatrixserverlib
1
matrix hookshot
1
matrix matrix ftp server
1
matrix matrix-android-sdk2
1
matrix matrix-react-sdk
1
matrix matrix-rust-sdk
1
matrix react sdk
1
pip/matrix-synapseMatrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over …
9.8
First published (updated )
Matrix Matrix Irc Bridgematrix-appservice-irc IRC command injection via admin commands containing newlines
9.8
First published (updated )
Matrix SydentSydent does not verify email server certificates
9.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix HookshotSandbox escape for instances that have enabled transformation functions in matrix-hookshot
First published (updated )
pip/matrix-synapseMatrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified…
8.8
First published (updated )
Matrix Matrix Irc BridgeImproper handling of multiline messages in matrix-appservice-irc
8.8
First published (updated )
Matrix DendriteIncorrect parsing of access level in gomatrixserverlib and dendrite
8.8
First published (updated )
Matrix Matrix Irc BridgeParsing issue in matrix-org/node-irc leading to room takeovers
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Mozilla ThunderbirdMatrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verification
8.6
First published (updated )
Mozilla ThunderbirdMatrix Javascript SDK vulnerable to Olm/Megolm protocol confusion
8.6
First published (updated )
Matrix Matrix-rust-sdkWhen matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarder
8.6
First published (updated )
Matrix Software Development KitMatrix iOS SDK vulnerable ton Olm/Megolm protocol confusion
8.6
First published (updated )
Matrix Software Development Kitmatrix-android-sdk2 vulnerable to Olm/Megolm protocol confusion
8.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
npm/matrix-js-sdkPrototype pollution in matrix-js-sdk
8.2
First published (updated )
Mozilla ThunderbirdPrototype pollution in matrix-js-sdk
8.2
First published (updated )
Matrix SynapseCross-site scripting (XSS) vulnerability in the password reset endpoint
8.2
First published (updated )
Matrix React SdkPrototype pollution in matrix-react-sdk
8.2
First published (updated )
npm/matrix-react-sdkURL preview setting for a room is controllable by the homeserver in matrix-react-sdk
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix SydentSSRF in Sydent due to missing validation of hostnames
7.7
First published (updated )
Mozilla ThunderbirdMatrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions
7.5
First published (updated )
Matrix SydentDenial of service attack via memory exhaustion
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
FedoraMatrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, us…
7.5
First published (updated )
Matrix SynapseIn Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels e…
7.5
First published (updated )
Matrix SynapseThe on_get_missing_events function in handlers/federation.py in Matrix Synapse before 0.31.1 has a s…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.