Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rooms vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2023-45129
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed fede...
Matrix Synapse
Fedoraproject Fedora 37
Fedoraproject Fedora 38
NA
CVE-2010-0277
slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE re...
Adium Adium 1.3.8
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
NA
CVE-2024-31208
Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances prior to 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption ...
3.1
CVSSv3
CVE-2021-39163
Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where t...
Matrix Synapse
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.7
CVSSv3
CVE-2022-40137
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
Lenovo Ideacentre C5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre E96z Firmware M26kt24a
Lenovo Ideacentre 3 07iab7 Firmware M49kt1da
Lenovo Ideacentre 3-07imb05 Firmware M2vkt1fa
Lenovo Ideacentre 5 14iab7 Firmware M42kt40a
Lenovo Ideacentre 5-14acn6 Firmware O5ekt23a
Lenovo Ideacentre 5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre 5-14iob6 Firmware M3gkt38a
Lenovo Ideacentre Aio 3-22ada6 Firmware O5ckt24a
Lenovo Ideacentre Aio 3-22iil5 Firmware O56kt22a
Lenovo Ideacentre Aio 3-22itl6 Firmware O5akt31a
Lenovo Ideacentre Aio 3-24ada6 Firmware O5ckt24a
Lenovo Ideacentre Aio 3-24alc6 Firmware O5bkt24a
Lenovo Ideacentre Aio 3-24iil5 Firmware O56kt22a
Lenovo Ideacentre Aio 3-24itl6 Firmware O5akt31a
Lenovo Ideacentre Aio 3-27alc6 Firmware O5bkt24a
Lenovo Ideacentre Aio 3-27itl6 Firmware O5akt31a
Lenovo Ideacentre G5-14imb05 Firmware O4hkt3aa
Lenovo Ideacentre Gaming 5 17acn7 Firmware O5ekt23a
Lenovo Ideacentre Gaming 5 17iab7 Firmware M42kt40a
Lenovo Ideacentre Gaming 5-14acn6 Firmware O5ekt23a
Lenovo Ideacentre Gaming 5-14iob6 Firmware M3gkt38a
7.5
CVSSv3
CVE-2022-31152
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of [event authorization rules](https://spec.matrix.org/v1.2/rooms/v9/#authorization-rules) which must be checked when determining if an event...
Matrix Synapse
5.3
CVSSv3
CVE-2023-29529
matrix-js-sdk is the Matrix Client-Server SDK for JavaScript and TypeScript. An attacker present in a room where an MSC3401 group call is taking place can eavesdrop on the video and audio of participants using matrix-js-sdk, without their knowledge. To affected matrix-js-sdk user...
Matrix Javascript Sdk
5.9
CVSSv3
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) prior to 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by aff...
Matrix Javascript Sdk
7.8
CVSSv3
CVE-2022-43777
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Hp Zcentral 4r Workstation Firmware
Hp Z1 All-in-one G3 Workstation Firmware
Hp Elitebook 725 G4 Firmware
Hp Elitebook 745 G4 Firmware
Hp Elitebook 755 G4 Firmware
Hp Probook 645 G3 Firmware
Hp Probook 655 G3 Firmware
Hp Mt43 Mobile Thin Client Firmware
Hp Elite X2 1012 G2 Firmware
Hp Elitebook 1040 G4 Firmware
Hp Elitebook 820 G4 Firmware
Hp Elitebook 828 G4 Firmware
Hp Elitebook 840 G4 Firmware
Hp Elitebook 848 G4 Firmware
Hp Elitebook 850 G4 Firmware
Hp Elitebook X360 1020 G2 Firmware
Hp Elitebook X360 1030 G2 Firmware
Hp Pro X2 612 G2 Firmware
Hp Probook 455 G4 Firmware
Hp Probook 640 G3 Firmware
Hp Probook 650 G3 Firmware
Hp Zbook 14u G4 Firmware
7.8
CVSSv3
CVE-2022-43778
Potential Time-of-Check to Time-of Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Hp Zcentral 4r Workstation Firmware
Hp Z1 All-in-one G3 Workstation Firmware
Hp Elitebook 725 G4 Firmware
Hp Elitebook 745 G4 Firmware
Hp Elitebook 755 G4 Firmware
Hp Probook 645 G3 Firmware
Hp Probook 655 G3 Firmware
Hp Mt43 Mobile Thin Client Firmware
Hp Elite X2 1012 G2 Firmware
Hp Elitebook 1040 G4 Firmware
Hp Elitebook 820 G4 Firmware
Hp Elitebook 828 G4 Firmware
Hp Elitebook 840 G4 Firmware
Hp Elitebook 848 G4 Firmware
Hp Elitebook 850 G4 Firmware
Hp Elitebook X360 1020 G2 Firmware
Hp Elitebook X360 1030 G2 Firmware
Hp Pro X2 612 G2 Firmware
Hp Probook 455 G4 Firmware
Hp Probook 640 G3 Firmware
Hp Probook 650 G3 Firmware
Hp Zbook 14u G4 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »