Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix element vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-26131
Element Android is an Android Matrix Client. Element Android version 1.4.3 up to and including 1.6.10 is vulnerable to intent redirection, allowing a third-party malicious application to start any internal activity by passing some extra parameters. Possible impact includes making...
NA
CVE-2024-26132
Element Android is an Android Matrix Client. A third-party malicious application installed on the same phone can force Element Android, version 0.91.0 up to and including 1.6.12, to share files stored under the `files` directory in the application's private data directory to...
6.5
CVSSv3
CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary. file (if the magick binary has permissions to read it).
Imagemagick Imagemagick 7.1.0-49
31 Github repositories
6.5
CVSSv3
CVE-2022-44267
ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image (e.g., for resize), the convert process could be left waiting for stdin input.
Imagemagick Imagemagick 7.1.0-49
4 Github repositories
6.5
CVSSv3
CVE-2022-41904
Element iOS is an iOS Matrix client provided by Element. It is based on MatrixSDK. Prior to version 1.9.7, events encrypted using Megolm for which trust could not be established did not get decorated accordingly (with warning shields). Therefore a malicious homeserver could injec...
Element Element
8.8
CVSSv3
CVE-2022-23597
Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop prior to 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another b...
Element Desktop
1 Github repository
9.8
CVSSv3
CVE-2021-44538
The olm_session_describe function in Matrix libolm prior to 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can co...
Matrix Element
Matrix Javascript Sdk
Matrix Olm
Schildi Schildichat
Cinny Project Cinny
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
5.9
CVSSv3
CVE-2021-40824
A logic error in the room key sharing functionality of Element Android prior to 1.2.2 and matrix-android-sdk2 (aka Matrix SDK for Android) prior to 1.2.2 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol m...
Matrix Element
Matrix Matrix-android-sdk2
5.9
CVSSv3
CVE-2021-40823
A logic error in the room key sharing functionality of matrix-js-sdk (aka Matrix Javascript SDK) prior to 12.4.1 allows a malicious Matrix homeserver present in an encrypted room to steal room encryption keys (via crafted Matrix protocol messages) that were originally sent by aff...
Matrix Javascript Sdk
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started