71 matches found
Astra Linux - уязвимость в thunderbird
The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...
EUVD-2025-10406
Malicious code in bioql PyPI...
EUVD-2021-31369
Malicious code in bioql PyPI...
EUVD-2024-42684
Malicious code in bioql PyPI...
EUVD-2024-45526
Malicious code in bioql PyPI...
element-web-1.11.112-1.1 on GA media (moderate)
element-web-1.11.112-1.1 on GA media Announcement ID: openSUSE-SU-2025:15559-1 Rating: moderate Cross-References: CVE-2025-59161 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...
OPENSUSE-SU-2025:15559-1 element-web-1.11.112-1.1 on GA media
These are all security issues fixed in the element-web-1.11.112-1.1 package on the GA media of openSUSE Tumbleweed...
SUSE CVE-2025-59161
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59161
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59161
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
PT-2025-38059
Name of the Vulnerable Software and Affected Versions: Element Web versions prior to 1.11.112 Element Desktop versions prior to 1.11.112 Description: Element Web and Element Desktop are susceptible to a room list manipulation issue due to insufficient validation of room predecessor links. A remot...
CVE-2024-51749
Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in...
CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
SUSE CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...
CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys
Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...