Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix project vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-5519
Cross-site scripting (XSS) vulnerability in the applyConvolution demo in WideImage 11.02.19 allows remote malicious users to inject arbitrary web script or HTML via the matrix parameter to demo/index.php.
Wideimage Project Wideimage 11.02.19
7.5
CVSSv2
CVE-2020-36432
An issue exists in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().
Alg Ds Project Alg Ds
4
CVSSv2
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack ca...
Keymaker Project Keymaker
4.3
CVSSv2
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
6.8
CVSSv2
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vu...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
NA
CVE-2024-34353
The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is an implementation of a Matrix end-to-end encryption state machine in Rust. In Matrix, the server-side `key backup` stores encrypted copies of Matrix message keys. This facilitates key sharing between a user'...
5
CVSSv2
CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 5.0.3
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 4.0.0
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Oracle Mysql 4.0.3
Oracle Mysql 4.0.4
1 EDB exploit
5
CVSSv2
CVE-2006-1517
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 5.0.3
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 4.0.0
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Oracle Mysql 4.0.3
Oracle Mysql 4.0.4
4.6
CVSSv2
CVE-2006-0903
MySQL 5.0.18 and previous versions allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vend...
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 3.23
Oracle Mysql 3.23.0
Oracle Mysql 3.23.1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.3
Oracle Mysql 3.23.4
1 EDB exploit
6.8
CVSSv2
CVE-2009-0642
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote malicious users to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.8
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »