Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5519
Cross-site scripting (XSS) vulnerability in the applyConvolution demo in WideImage 11.02.19 allows remote malicious users to inject arbitrary web script or HTML via the matrix parameter to demo/index.php.
Wideimage Project Wideimage 11.02.19
9.8
CVSSv3
CVE-2020-36432
An issue exists in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().
Alg Ds Project Alg Ds
6.5
CVSSv3
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack ca...
Keymaker Project Keymaker
7.6
CVSSv3
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vu...
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Jasper Project Jasper
5.7
CVSSv3
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
Jasper Project Jasper
NA
CVE-2024-34353
The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is an implementation of a Matrix end-to-end encryption state machine in Rust. In Matrix, the server-side `key backup` stores encrypted copies of Matrix message keys. This facilitates key sharing between a user'...
NA
CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Oracle Mysql 4.0.1
Oracle Mysql 4.0.10
Oracle Mysql 4.0.16
Oracle Mysql 4.0.17
Oracle Mysql 4.0.24
Oracle Mysql 4.0.25
Oracle Mysql 4.0.7
Oracle Mysql 4.0.8
Mysql Mysql 4.1.10
Oracle Mysql 4.1.17
Oracle Mysql 4.1.18
Oracle Mysql 4.1.2
Mysql Mysql 4.1.8
Oracle Mysql 4.1.9
Oracle Mysql 5.0.12
Oracle Mysql 5.0.13
Mysql Mysql 5.0.3
Oracle Mysql 5.0.3
Mysql Mysql 5.0.4
Oracle Mysql 4.0.0
Oracle Mysql 4.0.14
Oracle Mysql 4.0.15
1 EDB exploit
NA
CVE-2006-1517
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
Oracle Mysql 4.0.0
Oracle Mysql 4.0.1
Oracle Mysql 4.0.15
Oracle Mysql 4.0.16
Oracle Mysql 4.0.24
Oracle Mysql 4.0.25
Oracle Mysql 4.0.7
Oracle Mysql 4.1.0
Mysql Mysql 4.1.10
Oracle Mysql 4.1.17
Oracle Mysql 4.1.18
Oracle Mysql 4.1.7
Mysql Mysql 4.1.8
Oracle Mysql 5.0.11
Oracle Mysql 5.0.12
Mysql Mysql 5.0.3
Oracle Mysql 5.0.3
Oracle Mysql 4.0.13
Oracle Mysql 4.0.14
Oracle Mysql 4.0.20
Oracle Mysql 4.0.21
Oracle Mysql 4.0.10
NA
CVE-2006-0903
MySQL 5.0.18 and previous versions allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vend...
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 3.23
Oracle Mysql 3.23.0
Oracle Mysql 3.23.1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.3
Oracle Mysql 3.23.4
1 EDB exploit
NA
CVE-2009-0642
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote malicious users to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.8
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »