Lucene search
K

22 matches found

OSV
OSV
added yesterday6 views

ROOT-OS-DEBIAN-11-CVE-2022-50336 CVE-2022-50336 in rootio-linux - Patched by Root

Root has patched CVE-2022-50336 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5.4AI score0.00145EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/16 1:5 p.m.5 views

CVE-2022-50336

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...

5.5CVSS5.5AI score0.00145EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/09/16 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-50336

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could...

5.5CVSS6.2AI score0.00145EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/09/15 3:15 p.m.2 views

CVE-2022-50336

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add null pointer check to attrloadrunsvcn Some metadata files are handled before MFT. This adds a null pointer check for some corner cases that could lead to NPD while reading these metadata files for a malformed NTFS...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/12/23 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2024-0395)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS7.5AI score0.00835EPSS
Exploits0References5
OSV
OSV
added 2024/12/21 8:16 p.m.9 views

MGASA-2024-0395 Updated thunderbird packages fix security vulnerability

Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. CVE-2024-50336...

5.3CVSS7.5AI score0.00835EPSS
Exploits0References4
Mageia
Mageia
added 2024/12/21 8:16 p.m.20 views

Updated thunderbird packages fix security vulnerability

Matrix-js-sdk has insufficient MXC URI validation which could allow client-side path traversal. CVE-2024-50336...

5.3CVSS6.9AI score0.00835EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/12/17 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2024:4326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS9.6AI score0.00835EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/17 12:0 a.m.4 views

MozillaThunderbird-128.5.2-1.1 on GA media (moderate)

MozillaThunderbird-128.5.2-1.1 on GA media Announcement ID: openSUSE-SU-2024:14584-1 Rating: moderate Cross-References: CVE-2024-50336 CVSS scores: CVE-2024-50336 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability...

4.3CVSS6.8AI score0.00835EPSS
Exploits0
OSV
OSV
added 2024/12/16 1:11 p.m.8 views

SUSE-SU-2024:4326-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: - CVE-2024-50336: Fixed insufficient MXC URI validation which could allow client-side path traversal bsc1234413 Other fixes: - Updated to Mozilla Thunderbird 128.5.2i bsc1234413: fixed: Large virtual folders could be very slow fixed:...

5.3CVSS6.9AI score0.00835EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/12/13 12:21 a.m.3 views

SUSE CVE-2024-50336

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

4.3CVSS8.9AI score0.00835EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2024/12/12 12:0 a.m.9 views

Slackware: Security Advisory (SSA:2024-346-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS6.5AI score0.00835EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.12 views

Mozilla Thunderbird < 128.5.2

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 128.5.2. It is, therefore, affected by a vulnerability as referenced in the mfsa2024-69 advisory. - The Matrix specification demands homeservers to perform validation of the server-name and media-id components o...

5.3CVSS8.1AI score0.00835EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/11/12 7:54 p.m.9 views

@airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9), @caelum-tech/lorena-matrix-client (>=1.3.0 <=2.1.2) +52 more potentially affected by CVE-2024-50336 via matrix-js-sdk (>=0.0.4 <=34.0.0)

matrix-js-sdk NPM version =0.0.4, =0.0.1, =1.3.0, =1.0.0, =2.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =0.0.1, =0.0.0-development, =0.17.0, =4.0.1, =1.2.0, =1.1.0, =1.8.0-beta.1 and more Source cves: CVE-2024-50336 Source advisory: OSV:GHSA-XVG8-M4X3-W6XR...

5.3CVSS7.2AI score0.00835EPSS
Exploits0
Circl
Circl
added 2024/11/12 6:53 p.m.2 views

CVE-2024-50336

creationtimestamp| type| source ---|---|--- 2024-11-12 18:53:50+00:00| seen| https://t.me/cvedetector/10665 2024-12-11 17:25:42+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113635355747091624...

5.3CVSS8.5AI score0.00835EPSS
Exploits0References2
NVD
NVD
added 2024/11/12 5:15 p.m.39 views

CVE-2024-50336

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

5.3CVSS0.00835EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/12 4:38 p.m.11 views

CVE-2024-50336 matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

5.3CVSS7AI score0.00835EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/12 4:38 p.m.43 views

CVE-2024-50336 matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. matrix-js-sdk before 34.11.0 is vulnerable to client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients based on the matrix-js-sdk to issue arbitrary authenticated GET requests to the...

5.3CVSS0.00835EPSS
Exploits0References2
CVE
CVE
added 2024/11/12 4:38 p.m.135 views

CVE-2024-50336

CVE-2024-50336 affects matrix-js-sdk up to version 34.11.0 and allows client-side path traversal via crafted MXC URIs. A malicious room member can trigger clients to issue arbitrary authenticated GET requests to the user’s homeserver. The issue is fixed in matrix-js-sdk 34.11.1. Affected product:...

5.3CVSS6.5AI score0.00835EPSS
Exploits0References3
Circl
Circl
added 2024/02/14 6:27 p.m.4 views

CVE-2023-50336

creationtimestamp| type| source ---|---|--- 2024-02-14 18:27:21+00:00| seen| https://t.me/ctinow/184889...

4.8AI score
Exploits0References1
Rows per page
Query Builder