Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrix project vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-36432
An issue exists in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().
Alg Ds Project Alg Ds
7.8
CVSSv3
CVE-2021-32622
Matrix-React-SDK is a react-based SDK for inserting a Matrix chat/voip client into a web page. Before version 3.21.0, when uploading a file, the local file preview can lead to execution of scripts embedded in the uploaded file. This can only occur after several user interactions ...
Matrix-react-sdk Project Matrix-react-sdk
6.5
CVSSv3
CVE-2021-29453
matrix-media-repo is an open-source multi-domain media repository for Matrix. Versions 1.2.6 and previous versions of matrix-media-repo do not properly handle malicious images which are crafted to be small in file size, but large in complexity. A malicious user could upload a rel...
Matrix-media-repo Project Matrix-media-repo
9.8
CVSSv3
CVE-2021-29936
An issue exists in the adtensor crate through 2021-01-11 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix.
Adtensor Project Adtensor
4.3
CVSSv3
CVE-2021-21320
matrix-react-sdk is an npm package which is a Matrix SDK for React Javascript. In matrix-react-sdk before version 3.15.0, the user content sandbox can be abused to trick users into opening unexpected documents. The content is opened with a `blob` origin that cannot access Matrix ...
Matrix-react-sdk Project Matrix-react-sdk
7.5
CVSSv3
CVE-2021-25906
An issue exists in the basic_dsp_matrix crate prior to 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.
Basic Dsp Matrix Project Basic Dsp Matrix
6.5
CVSSv3
CVE-2021-21269
Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack ca...
Keymaker Project Keymaker
5.4
CVSSv3
CVE-2020-2224
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
5.4
CVSSv3
CVE-2020-2225
Jenkins Matrix Project Plugin 1.16 and previous versions does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
Jenkins Matrix Project
6.8
CVSSv3
CVE-2009-4067
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel prior to 2.6.27 allows physically proximate malicious users to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.
Linux Linux Kernel
Redhat Enterprise Linux 4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »