Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix project vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-5519
Cross-site scripting (XSS) vulnerability in the applyConvolution demo in WideImage 11.02.19 allows remote malicious users to inject arbitrary web script or HTML via the matrix parameter to demo/index.php.
Wideimage Project Wideimage 11.02.19
668
VMScore
CVE-2020-36432
An issue exists in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().
Alg Ds Project Alg Ds
356
VMScore
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack ca...
Keymaker Project Keymaker
383
VMScore
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
605
VMScore
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vu...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
NA
CVE-2024-34353
The matrix-sdk-crypto crate, part of the Matrix Rust SDK project, is an implementation of a Matrix end-to-end encryption state machine in Rust. In Matrix, the server-side `key backup` stores encrypted copies of Matrix message keys. This facilitates key sharing between a user'...
505
VMScore
CVE-2006-1516
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to read portions of memory via a username without a trailing null byte, which causes a buffer over-read.
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 5.0.3
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 4.0.0
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Oracle Mysql 4.0.3
Oracle Mysql 4.0.4
1 EDB exploit
445
VMScore
CVE-2006-1517
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote malicious users to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message.
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 5.0.3
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 4.0.0
Oracle Mysql 4.0.1
Oracle Mysql 4.0.2
Oracle Mysql 4.0.3
Oracle Mysql 4.0.4
465
VMScore
CVE-2006-0903
MySQL 5.0.18 and previous versions allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vend...
Mysql Mysql 5.0.5
Mysql Mysql 5.0.10
Mysql Mysql 5.0.15
Mysql Mysql 5.0.17
Mysql Mysql 4.1.13
Mysql Mysql 4.1.15
Mysql Mysql 4.1.8
Mysql Mysql 4.1.14
Mysql Mysql 4.1.12
Mysql Mysql 4.1.10
Mysql Mysql 5.0.2
Mysql Mysql 5.0.1
Mysql Mysql 4.1.0
Mysql Mysql 5.0.4
Mysql Mysql 4.1.3
Mysql Mysql 5.0.16
Oracle Mysql 3.23
Oracle Mysql 3.23.0
Oracle Mysql 3.23.1
Oracle Mysql 3.23.2
Oracle Mysql 3.23.3
Oracle Mysql 3.23.4
1 EDB exploit
605
VMScore
CVE-2009-0642
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote malicious users to successfully present an invalid X.509 certificate, possibly involving a revoked certificate.
Ruby-lang Ruby 1.9
Ruby-lang Ruby 1.8
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »