Lucene search
K

45 matches found

Vulnrichment
Vulnrichment
added 2024/10/15 3:2 p.m.19 views

CVE-2024-47771 Element Desktop vulnerable to potential exposure of access token via authenticated media

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...

7CVSS7.1AI score0.00567EPSS
Exploits0References3
CVE
CVE
added 2024/10/15 3:2 p.m.59 views

CVE-2024-47771

CVE-2024-47771 affects Element Desktop. Versions 1.11.70–1.11.80 expose access tokens under crafted conditions, with at least one vector identified (malicious widgets); other vectors may exist. Red Hat/SUSE/OpenSUSE advisories confirm the issue and recommend upgrading to Element Desktop/Web 1.11....

7CVSS6.8AI score0.00567EPSS
Exploits0References3
OSV
OSV
added 2024/10/15 3:2 p.m.10 views

CVE-2024-47771 Element Desktop vulnerable to potential exposure of access token via authenticated media

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...

7CVSS6.6AI score0.00567EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/15 3:2 p.m.26 views

CVE-2024-47771 Element Desktop vulnerable to potential exposure of access token via authenticated media

Element Desktop is a Matrix client for desktop platforms. Element Desktop versions 1.11.70 through 1.11.80 contain a vulnerability which can, under specially crafted conditions, lead to the access token becoming exposed to third parties. At least one vector has been identified internally, involvi...

7CVSS0.00567EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.4 views

PT-2024-32808 · Element · Element Desktop

Name of the Vulnerable Software and Affected Versions: Element Desktop versions 1.11.70 through 1.11.80 Description: The issue concerns a vulnerability in Element Desktop, a Matrix client for desktop platforms, which can lead to the exposure of access tokens to third parties under specially craft...

7CVSS7.2AI score0.00567EPSS
Exploits0References19
OSV
OSV
added 2024/08/27 12:0 a.m.7 views

OPENSUSE-SU-2024:14288-1 element-desktop-1.11.75-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.75-1.1 package on the GA media of openSUSE Tumbleweed...

5.3CVSS4.8AI score0.00455EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.5 views

OPENSUSE-SU-2024:12895-1 element-desktop-1.11.30-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.30-1.1 package on the GA media of openSUSE Tumbleweed...

5.4CVSS5AI score0.00617EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.12 views

OPENSUSE-SU-2024:13054-1 element-desktop-1.11.36-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.36-1.1 package on the GA media of openSUSE Tumbleweed...

6.1CVSS5.9AI score0.00448EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.18 views

OPENSUSE-SU-2024:13395-1 element-desktop-1.11.47-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.47-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS9.4AI score0.49013EPSS
Exploits3References1
OSV
OSV
added 2024/06/15 12:0 a.m.7 views

OPENSUSE-SU-2024:13265-1 element-desktop-1.11.43-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.43-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS7.6AI score0.99735EPSS
Exploits9References1
OSV
OSV
added 2024/06/15 12:0 a.m.18 views

OPENSUSE-SU-2024:12374-1 element-desktop-1.11.8-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.8-1.1 package on the GA media of openSUSE Tumbleweed...

8.6CVSS6.8AI score0.01047EPSS
Exploits0References4
OSV
OSV
added 2024/06/15 12:0 a.m.6 views

OPENSUSE-SU-2024:11789-1 element-desktop-1.9.9-1.1 on GA media

These are all security issues fixed in the element-desktop-1.9.9-1.1 package on the GA media of openSUSE Tumbleweed...

8.8CVSS8.9AI score0.0148EPSS
Exploits0References1
OSV
OSV
added 2024/06/15 12:0 a.m.13 views

OPENSUSE-SU-2024:12294-1 element-desktop-1.11.4-1.1 on GA media

These are all security issues fixed in the element-desktop-1.11.4-1.1 package on the GA media of openSUSE Tumbleweed...

8.2CVSS6.9AI score0.0094EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 3:28 a.m.1 views

SUSE CVE-2022-23597

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

8.8CVSS9AI score0.0148EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/08/19 12:0 a.m.8 views

The vulnerability of the data transmission software via the Matrix protocol in Element Desktop lies in the possibility of exploiting memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of the data transmission software via the Matrix protocol in Element Desktop is related to the possibility of using memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created link...

10CVSS8.1AI score0.0148EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2022/02/01 12:15 p.m.29 views

CVE-2022-23597

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

8.8CVSS0.0148EPSS
Exploits0References2
Prion
Prion
added 2022/02/01 12:15 p.m.17 views

Design/Logic Flaw

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

5.1CVSS8.9AI score0.0148EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/02/01 11:49 a.m.40 views

CVE-2022-23597 Remote program execution with user interaction

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

8.3CVSS9AI score0.0148EPSS
Exploits0References2
CVE
CVE
added 2022/02/01 11:49 a.m.136 views

CVE-2022-23597

Element Desktop before 1.9.7 is vulnerable to a remote code execution bug via user interaction that requires a malicious link click followed by another button click. The attacker can specify a binary path on the victim’s machine for execution (arguments cannot be set), and in some configurations ...

8.8CVSS8.8AI score0.0148EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/01 11:49 a.m.7 views

CVE-2022-23597 Remote program execution with user interaction

Element Desktop is a Matrix client for desktop platforms with Element Web at its core. Element Desktop before 1.9.7 is vulnerable to a remote program execution bug with user interaction. The exploit is non-trivial and requires clicking on a malicious link, followed by another button click. To the...

8.3CVSS8.9AI score0.0148EPSS
Exploits0References2
Rows per page
Query Builder