LINE Credential Gatherer

This module searches for credentials in LINE desktop application on a Windows host. LINE is the most popular Instant Messenger app in Japan. Module Options msf use post/windows/gather/credentials/line msf postline show actions ...actions... msf postline set ACTION msf postline show options ...sho...

[SECURITY] Fedora 35 Update: matrix-synapse-1.41.1-1.fc35

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

[SECURITY] Fedora 34 Update: matrix-synapse-1.41.1-1.fc34

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

Matrix Information Disclosure Vulnerability (CNVD-2021-70122)

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix 1.41.0 and earlier versions have an information disclosure vulnerability that could be exploited by attackers to access room names, avatars, topics and member counts...

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

PYSEC-2021-425

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

CVE-2021-39164

CVE-2021-39164 affects Matrix Synapse (Matrix.org) up to version 1.41.0. It allows unauthenticated users to enumerate a room’s membership (list of members with display names) if the user knows the room ID, but only for rooms with shared history visibility and only when the user’s account is on a ...

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

Design/Logic Flaw

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

PYSEC-2021-424

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

CVE-2021-39163 Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner.

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

CVE-2021-39163

CVE-2021-39163 affects Matrix Synapse (Matrix.org) up to version 1.41.0, where unauthorised users could learn a room’s name, avatar, topic, and member count by knowing the room ID. Impact is limited to homeservers that have enable_group_creation set to true; administrators can already access this...

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

Owner has a rugpull function

Handle tensors Vulnerability details Impact The owner of the contract has a rugpull function. This can be unsafe if the private key for the owner account falls into the wrong hands, allowing instant withdrawal of all the funds. In general, having a single point of failure like this is not...

Telegram Cross-Site Scripting Vulnerability

Telegram is an instant messaging mobile application. version 0.6.1 of Telegram Web K Alpha is vulnerable to a cross-site scripting vulnerability that stems from the fact that Telegram Web K Alpha allows XSS to pass through document names. An attacker could exploit the vulnerability to execute...