3660 matches found
CVE-2025-54315
The CVE-2025-54315 issue affects the Matrix protocol: prior to matrix 1.16 (room version
CVE-2025-49090
The Matrix specification before 1.16 i.e., with a room version before 12 and State Resolution before 2.1 has deficient state resolution...
PT-2025-39416
Name of the Vulnerable Software and Affected Versions pytorch version 2.7.0 Description A buffer overflow can occur when a PyTorch model includes torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv and is compiled using Inductor. This can lead to a Denial of Service Do...
Reachable Assertion
Overview torch is a Tensors and Dynamic neural networks in Python with strong GPU acceleration Affected versions of this package are vulnerable to Reachable Assertion in the torch.linalg.lu function. In AOTAutograd mode LU decomposition can't accept slice operation and An attacker can cause the...
@dwimm/client-web (>=0.0.1 <=0.0.2-86), @element-hq/web-shared-components (>=0.0.0-test.6 <=0.0.2) +26 more potentially affected by CVE-2025-57354 via counterpart (>=0.16.10 <=0.18.6)
counterpart NPM version =0.16.10, =0.0.1, =0.0.0-test.6, =1.0.0, =2.10.1, =0.0.1, =0.7.1, =0.0.1, =0.1.8, =2.3.0, =3.114.0-rc.0 and more Source cves: CVE-2025-57354 Source advisory: SNYK:JS-COUNTERPART-13110034...
State-Of-The-Art in Software Security Visualization: a Systematic Review
Software security visualization is an interdisciplinary field that combines the technical complexity of cybersecurity, including threat intelligence and compliance monitoring, with visual analytics, transforming complex security data into easily digestible visual formats. As software systems get...
CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
Linux Distros Unpatched Vulnerability : CVE-2025-59160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor...
matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Impact matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. Patches The issue has been patched and users should upgrade to...
@a.agiir/cinny (>=0.0.1 <=0.0.2), @airgap/beacon-sdk (>=0.0.1 <=0.0.3-beta.9) +74 more potentially affected by CVE-2025-59160 via matrix-js-sdk (>=0.0.4 <=37.5.0)
matrix-js-sdk NPM version =0.0.4, =0.0.1, =0.0.1, =0.0.34, =1.3.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =2.0.0-alpha.3, =2.0.0-alpha.1, =1.4.1, =1.1.0, =0.0.1, =0.0.0-development, =0.0.1-development and more Source cves: CVE-2025-59160 Source advisory: OSV:GHSA-MP7C-M3RH-R56V...
GHSA-MP7C-M3RH-R56V matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Impact matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-supplied room. Patches The issue has been patched and users should upgrade to...
DEBIAN-CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
UBUNTU-CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59161
CVE-2025-59161 affects Element Web and Element Desktop prior to 1.11.112. The issue stems from insufficient validation of room predecessor links, which could allow a remote attacker to impermanently replace a room’s entry in the room list with an attacker-supplied room. The effect is described as...
CVE-2025-59161 In Element Web and Element Desktop, a malicious room can hide an unrelated room and cause it to be left when the malicious room is left
Element Web is a Matrix web client built using the Matrix React SDK. Element Web and Element Desktop before version 1.11.112 have insufficient validation of room predecessor links, allowing a remote attacker to attempt to impermanently replace a room's entry in the room list with an unrelated...
CVE-2025-59160 matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59160 matrix-js-sdk has insufficient validation when considering a room to be upgraded by another
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
CVE-2025-59160
The CVE-2025-59160 entry concerns the Matrix JavaScript SDK (matrix-js-sdk) prior to version 38.2.0, where MatrixClient::getJoinedRooms performs insufficient validation of room predecessor links. This can allow a remote attacker to attempt to replace a tombstoned room with an unrelated attacker-s...