CVE-2025-29529

ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.aspx...

PT-2025-17858 · Itc Systems · Itc Systems Multiplan/Matrix Onecard

Name of the Vulnerable Software and Affected Versions: ITC Systems Multiplan/Matrix OneCard platform version 3.7.4.1002 Description: The issue is related to a SQL injection vulnerability. It affects the Forgotpassword.aspx component. Recommendations: For version 3.7.4.1002, consider restricting...

Ubuntu: Security Advisory (USN-7444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7444-1 matrix-synapse vulnerabilities

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2023-32683 It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue t...

Fast Plaintext-Ciphertext Matrix Multiplication from Additively Homomorphic Encryption

Plaintext-ciphertext matrix multiplication PC-MM is an indispensable tool in privacy-preserving computations such as secure machine learning and encrypted signal processing. While there are many established algorithms for plaintext-plaintext matrix multiplication, efficiently computing...

ABB Cylon Aspect 3.08.03 (webServerDeviceLabelUpdate.php) - File Write DoS

Exploit title: ABB Cylon Aspect 3.08.03 webServerDeviceLabelUpdate.php File Write DoS Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.03 Summary: ASPECT is an award-winning scalable buildin...

CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

DEBIAN-CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

UBUNTU-CVE-2025-32776

OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the matrixcustomframe file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will...

OpenRazer 缓冲区错误漏洞

OpenRazer is an open source driver and user space daemon for OpenRazer Open Source. It is used to control Razer lighting and other features on GNU/Linux. A buffer error vulnerability exists in OpenRazer versions prior to 3.10.2, which stems from mishandling of the matrixcustomframe file, and may...

ABB Cylon Aspect 3.07.02 (userManagement.php) - Weak Password Policy

ABB Cylon Aspect 3.07.02 userManagement.php - Weak Password Policy Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building energy management...

ABB Cylon Aspect 3.08.02 (licenseServerUpdate.php) - Stored Cross-Site Scripting

ABB Cylon Aspect 3.08.02 licenseServerUpdate.php Stored Cross-Site Scripting Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.02 Summary: ASPECT is an award-winning scalable building energy...

[SECURITY] Fedora 42 Update: matrix-synapse-1.127.1-1.fc42

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

CVE-2025-32026 Element Web could load a malicious instance of Element Call leaking media encryption keys

Element Web is a Matrix web client built using the Matrix React SDK. Element Web, starting from version 1.11.16 up to version 1.11.96, can be configured to load Element Call from an external URL. Under certain conditions, the external page is able to get access to the media encryption keys used f...

Element 安全漏洞

Element is a Matrix web collaboration client from Element Open Source. A security vulnerability exists in Element versions 1.11.16 through 1.11.96, which stems from a configuration that allows an Element Call to be loaded from an external URL, resulting in the disclosure of media encryption keys...

[SECURITY] Fedora 41 Update: matrix-synapse-1.118.0-4.fc41

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

Fedora 41 : matrix-synapse (2025-cddcfd6518)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cddcfd6518 advisory. Backport fixes from v1.127.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

Fedora: Security Advisory (FEDORA-2025-cef83410f7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: matrix-synapse-1.111.1-4.fc40

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

Fedora 40 : matrix-synapse (2025-cef83410f7)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cef83410f7 advisory. Backport fixes from v1.127.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...