4880 matches found
MAL-2024-9794 Malicious code in react-separator (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-native-playstation (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9793 Malicious code in react-native-playstation (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-native-community (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9792 Malicious code in react-native-community (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-and-rockets (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9791 Malicious code in react-and-rockets (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @iceberg-react/test-package (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9466 Malicious code in @iceberg-react/test-package (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
Impact matrix-react-sdk before 3.102.0 allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared...
GHSA-QCVH-P9JQ-WP8V Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
Impact matrix-react-sdk before 3.102.0 allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared...
CVE-2024-47824
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824
Summary: CVE-2024-47824 affects matrix-react-sdk. Versions 3.18.0 through
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
matrix-react-sdk 信息泄露漏洞
matrix-react-sdk is a Matrix open source component for inserting the Matrix chat/voip client into web pages. An information disclosure vulnerability exists in matrix-react-sdk, which stems from the fact that matrix-react-sdk shares a history message key at invite time...
CVE-2024-47831
Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a potential Denial of Service DoS condition which could lead to excessive CPU consumption. Neither t...
CVE-2024-47831
CVE-2024-47831 concerns Next.js image optimization DoS affecting Next.js branches 10.x–14.x prior to 14.2.7. The vulnerability allows high CPU usage under crafted image requests. Public details show remediation in Next.js 14.2.7. Workaround: ensure next.config.js sets either images.unoptimized, i...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
TPAS Log4Shell PoC This repository contains a Proof of Concep...