Filter
-Infinity
0
Trending
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/matrix-synapseMatrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over …
9.8
First published (updated )
npm/matrix-appservice-ircmatrix-appservice-irc IRC command injection via admin commands containing newlines
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix SydentSydent does not verify email server certificates
9.3
First published (updated )
Matrix HookshotSandbox escape for instances that have enabled transformation functions in matrix-hookshot
First published (updated )
pip/matrix-synapseMatrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified…
8.8
First published (updated )
Matrix-appservice-bridgeImproper handling of multiline messages in matrix-appservice-irc
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix DendriteIncorrect parsing of access level in gomatrixserverlib and dendrite
8.8
First published (updated )
Matrix-appservice-bridgeParsing issue in matrix-org/node-irc leading to room takeovers
8.8
First published (updated )
Matrix Javascript SDKMatrix JavaScript SDK vulnerable to key/device identifier confusion in SAS verification
8.6
First published (updated )
Matrix Javascript SDKMatrix Javascript SDK vulnerable to Olm/Megolm protocol confusion
8.6
First published (updated )
Matrix Rust SDKWhen matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarder
8.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix Software Development KitMatrix iOS SDK vulnerable ton Olm/Megolm protocol confusion
8.6
First published (updated )
Matrix Software Development Kitmatrix-android-sdk2 vulnerable to Olm/Megolm protocol confusion
8.6
First published (updated )
npm/matrix-js-sdkPrototype pollution in matrix-js-sdk
8.2
First published (updated )
Matrix Javascript SDKPrototype pollution in matrix-js-sdk
8.2
First published (updated )
pip/matrix-synapseCross-site scripting (XSS) vulnerability in the password reset endpoint
8.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Matrix React SDKPrototype pollution in matrix-react-sdk
8.2
First published (updated )
npm/matrix-react-sdkURL preview setting for a room is controllable by the homeserver in matrix-react-sdk
7.7
First published (updated )
Matrix SydentSSRF in Sydent due to missing validation of hostnames
7.7
First published (updated )
Matrix Javascript SDKMatrix Javascript SDK vulnerable to impersonation via forwarded Megolm sessions
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.