13 matches found
EUVD-2007-3970
Malware in sbrugna...
EUVD-2025-21024
Malicious code in bioql PyPI...
CVE-2025-53549
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
CVE-2025-53549
Summary: The matrix-sdk-sqlite component contains an SQL injection in SqliteEventCacheStore::find_event_with_relations, where SQL is constructed via format!() with unescaped input. This allows an attacker to inject arbitrary SQL when a Matrix client uses the default sqlite-based store backend and...
CVE-2025-53549 Matrix Rust SDK allows SQL injection in the EventCache implementation
The Matrix Rust SDK is a collection of libraries that make it easier to build Matrix clients in Rust. An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that...
GHSA-275G-G844-73JH Matrix Rust SDK vulnerable to SQL Injection through its EventCache implementation
An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly pass relation types provided by those room members into this method, when used with the defau...
Matrix Rust SDK vulnerable to SQL Injection through its EventCache implementation
An SQL injection vulnerability in the EventCache::findeventwithrelations method of matrix-sdk 0.11 and 0.12 allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly pass relation types provided by those room members into this method, when used with the defau...
PT-2025-29132 · Unknown · Matrix-Sdk
Name of the Vulnerable Software and Affected Versions: matrix-sdk versions 0.11 through 0.12 Description: An SQL injection vulnerability exists in the EventCache::find event with relations method. This allows malicious room members to execute arbitrary SQL commands in Matrix clients that directly...
Authentication flaw
file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer 4.6.3 allows remote attackers to bypass authentication via a name parameter that specifies the eventcache directory and a non-GIF file, which causes the $dontvalidate variable to be set to true. NOTE: a separate traversal...
CVE-2007-3986
file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer 4.6.3 allows remote attackers to bypass authentication via a name parameter that specifies the eventcache directory and a non-GIF file, which causes the $dontvalidate variable to be set to true. NOTE: a separate traversal...
CVE-2007-3986
file.cgi in Secure Computing SecurityReporter aka Network Security Analyzer 4.6.3 allows remote attackers to bypass authentication via a name parameter that specifies the eventcache directory and a non-GIF file, which causes the $dontvalidate variable to be set to true. NOTE: a separate traversal...