Lucene search
K

3662 matches found

CVE
CVE
added 2022/06/30 5:46 p.m.272 views

CVE-2022-34788

Summary (CVE-2022-34788) : The vulnerability affects the Jenkins Matrix Reloaded Plugin

5.4CVSS5.4AI score0.00567EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.5 views

Jenkins Plugin Matrix Reloaded 跨站请求伪造漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.Jenkins Matrix Reloaded Plugin version 1.1...

6.5CVSS5.4AI score0.00497EPSS
Exploits0References5
CNNVD
CNNVD
added 2022/06/30 12:0 a.m.5 views

Jenkins Plugin Matrix Reloaded 跨站脚本漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is an application.A cross-site scripting vulnerability exist...

5.4CVSS5.7AI score0.00567EPSS
Exploits0References5
CNVD
CNVD
added 2022/06/30 12:0 a.m.23 views

Matrix Synapse Denial of Service Vulnerability (CNVD-2022-60674)

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...

6.5CVSS4.1AI score0.01578EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/06/30 12:0 a.m.4 views

PT-2022-22340 · Jenkins · Jenkins Matrix Reloaded Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Matrix Reloaded Plugin versions 1.1.3 and earlier Description: A cross-site request forgery CSRF vulnerability allows attackers to rebuild previous matrix builds. This issue arises because the plugin does not require POST requests for...

6.5CVSS6.4AI score0.00497EPSS
Exploits0References6
vulnersOsv
vulnersOsv
added 2022/06/29 9:51 p.m.3 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2022-31052 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-31052 Source advisory: OSV:GHSA-22P3-QRH9-CX32...

6.5CVSS6.5AI score0.01578EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/06/29 12:0 a.m.26 views

FreeBSD : py-matrix-synapse -- unbounded recursion in urlpreview (07c0d782-f758-11ec-acaa-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 07c0d782-f758-11ec-acaa-901b0e9408dc advisory. - Synapse is an open source home server implementation for the Matrix chat network. In versions prior t...

6.5CVSS6.4AI score0.01578EPSS
Exploits0References3
OSV
OSV
added 2022/06/28 5:15 p.m.2 views

DEBIAN-CVE-2022-31052

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

6.5CVSS6.6AI score0.01578EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2022/06/28 5:15 p.m.4 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2022-31052 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2022-31052 Source advisory: OSV:PYSEC-2022-224...

6.5CVSS6.5AI score0.01578EPSS
Exploits0
OSV
OSV
added 2022/06/28 5:15 p.m.2 views

UBUNTU-CVE-2022-31052

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

6.5CVSS6.6AI score0.01578EPSS
Exploits0References4
CVE
CVE
added 2022/06/28 5:10 p.m.470 views

CVE-2022-31052

CVE-2022-31052 affects Synapse (Matrix homeserver). In versions before 1.61.1, URL previews for some web pages can cause unbounded recursion, exhausting stack space and potentially crashing the Synapse process. Remote users can exploit via URL previews that clients auto-request, but the URL previ...

6.5CVSS6.3AI score0.01578EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2022/06/28 5:10 p.m.28 views

CVE-2022-31052

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

6.5CVSS6.4AI score0.01578EPSS
Exploits0
OSV
OSV
added 2022/06/28 5:10 p.m.18 views

CVE-2022-31052 URL previews can crash Synapse media repositories or Synapse monoliths

Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the reques...

6.5CVSS6.2AI score0.01578EPSS
Exploits0References7
CNNVD
CNNVD
added 2022/06/28 12:0 a.m.3 views

Matrix Synapse 安全漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the U.K. A denial of service vulnerability exists in versions of Matrix Synapse prior to 1.61.1, which stems from infinite recursion, where URL previews of certain web pages may exhaust the available stack...

6.5CVSS5.7AI score0.01578EPSS
Exploits0References7
FreeBSD
FreeBSD
added 2022/06/28 12:0 a.m.31 views

py-matrix-synapse -- unbounded recursion in urlpreview

Matrix developers report: This release fixes a vulnerability with Synapse's URL preview feature. URL previews of some web pages can lead to unbounded recursion, causing the request to either fail, or in some cases crash the running Synapse process. Note that: Homeservers with the urlpreviewenable...

6.5CVSS2.5AI score0.01578EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/06/27 12:0 a.m.4 views

Huawei MindSpore Community 缓冲区错误漏洞

Huawei MindSpore Community is an open source deep learning framework from Huawei, China. Huawei MindSpore Community suffers from an information disclosure vulnerability that stems from accessing a shape allocated from the heap buffer if the input shape size is 0 when performing inferred shape...

7.5CVSS6AI score0.00852EPSS
Exploits0References2
MSRC
MSRC
added 2022/06/25 1:20 a.m.25 views

A Man of Action: Meet Callum Carney

Hidden Talents: He was a competitive swimmer for many years. Instrument of Choice: His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life: The Office, World War Z, The Matrix, Breaking Bad, The Thick of It. Favorite non-profit:...

2AI score
Exploits0
MSRC
MSRC
added 2022/06/24 7:0 a.m.9 views

A Man of Action: Meet Callum Carney

Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...

1.8AI score
Exploits0
MSRC
MSRC
added 2022/06/24 7:0 a.m.8 views

A Man of Action: Meet Callum Carney

Hidden Talents : He was a competitive swimmer for many years. Instrument of Choice : His fingers were made for the keyboard, but he used to play the trumpet. 5 pieces of entertainment for the rest of his life : The Office, World War Z, The Matrix, Breaking Bad, The Thick of It...

7AI score
Exploits0
Trellix
Trellix
added 2022/06/03 12:0 a.m.296 views

Trellix Global Defenders: Follina — Microsoft Office Zero-Day (CVE-2022-30190)

Trellix Global Defenders: Follina — Microsoft Office Zero-Day CVE-2022-30190 By Taylor Mullins, Robin Noyce, Benjamin Marandel · June 3, 2022 Trellix is continuing to monitor the threat activity associated with the Microsoft Office Zero-Day vulnerability that has been dubbed “Follina.”...

0.99374EPSS
Exploits62
Rows per page
Query Builder