Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix project vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-36432
An issue exists in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().
Alg Ds Project Alg Ds
4.4
CVSSv2
CVE-2021-32622
Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can only occur after several user interactions ...
Matrix-react-sdk Project Matrix-react-sdk
4
CVSSv2
CVE-2021-29453
matrix-media-repo is an open-source multi-domain media repository for Matrix. Versions 1.2.6 and previous versions of matrix-media-repo do not properly handle malicious images which are crafted to be small in file size, but large in complexity. A malicious user could upload a rel...
Matrix-media-repo Project Matrix-media-repo
7.5
CVSSv2
CVE-2021-29936
An issue exists in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix.
Adtensor Project Adtensor
4.3
CVSSv2
CVE-2021-21320
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix ...
Matrix-react-sdk Project Matrix-react-sdk
5
CVSSv2
CVE-2021-25906
An issue exists in the basic_dsp_matrix crate prior to 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.
Basic Dsp Matrix Project Basic Dsp Matrix
4
CVSSv2
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack ca...
Keymaker Project Keymaker
3.5
CVSSv2
CVE-2020-2225
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
3.5
CVSSv2
CVE-2020-2224
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
7.2
CVSSv2
CVE-2009-4067
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel prior to 2.6.27 allows physically proximate malicious users to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Linux Linux Kernel
Redhat Enterprise Linux 4.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »