Lucene search
K

25 matches found

CNNVD
CNNVD
added 2021/02/26 12:0 a.m.6 views

Matrix Synapse Input Validation Error Vulnerability

Matrix Synapse is an implementation of a matrix management server from the Matrix Foundation in the UK. A security vulnerability exists in Synapse that stems from a request to a user-provided domain being unrestricted by an external IP address when calculating key validity for third-party...

6.1CVSS6.4AI score0.01809EPSS
Exploits0References6
Prion
Prion
added 2019/09/11 2:15 p.m.21 views

Design/Logic Flaw

The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check...

5CVSS5.1AI score0.03012EPSS
Exploits1References3Affected Software1
Atlassian
Atlassian
added 2019/08/12 2:43 a.m.49 views

Disclosure of issue key validity & issue attachment names in the render api resource - CVE-2019-14995

The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specific name exists and if an issue key is valid via a missing permissions check...

5.3CVSS5.1AI score0.03012EPSS
Exploits1Affected Software1
securityvulns
securityvulns
added 2003/05/05 12:0 a.m.21 views

Key validity bug in GnuPG 1.2.1 and earlier

As part of the development of GnuPG 1.2.2, a bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. This bug does not impact any key with only one user ID. Photo IDs "user...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2001/09/05 12:0 a.m.99 views

PGPsdk Key Validity Vulnerability

http://www.pgp.com/support/product-advisories/pgpsdk.asp A vulnerability in PGP's display of key validity has been discovered that could allow an attacker to fool users into thinking that a valid signature was created by what is actually an invalid user ID. If the attacker can obtain a signature ...

6.8AI score
Exploits0
Rows per page
Query Builder