Lucene search
K

3628 matches found

CNVD
CNVD
added 2021/09/02 12:0 a.m.29 views

Matrix Information Disclosure Vulnerability (CNVD-2021-70122)

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix 1.41.0 and earlier versions have an information disclosure vulnerability that could be exploited by attackers to access room names, avatars, topics and member counts...

3.5CVSS2.7AI score0.00892EPSS
Exploits0References1
CNVD
CNVD
added 2021/09/02 12:0 a.m.24 views

Matrix Information Breach Vulnerability

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix suffers from an information disclosure vulnerability that stems from the product not doing valid authentication of access user privileges. An attacker could access members' sensitive information via another...

3.5CVSS4.5AI score0.01457EPSS
Exploits0References1
OSV
OSV
added 2021/08/31 5:15 p.m.1 views

DEBIAN-CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS6.8AI score0.01457EPSS
Exploits0References1
NVD
NVD
added 2021/08/31 5:15 p.m.22 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS0.01457EPSS
Exploits0References5
OSV
OSV
added 2021/08/31 5:15 p.m.27 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS3.6AI score
Exploits0References5
Prion
Prion
added 2021/08/31 5:15 p.m.23 views

Code injection

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS3.6AI score0.01457EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2021/08/31 5:15 p.m.30 views

PYSEC-2021-425

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS1.4AI score0.01457EPSS
Exploits0References5
PyPA
PyPA
added 2021/08/31 5:15 p.m.5 views

PYSEC-2021-425

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS6.8AI score0.01457EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCve
added 2021/08/31 5:15 p.m.25 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS6.8AI score0.01457EPSS
Exploits0References5
OSV
OSV
added 2021/08/31 5:15 p.m.1 views

UBUNTU-CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS6.5AI score0.01457EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2021/08/31 4:20 p.m.42 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS4.1AI score0.01457EPSS
Exploits0
Cvelist
Cvelist
added 2021/08/31 4:20 p.m.20 views

CVE-2021-39164 Improper authorisation of /members discloses room membership to non-members

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS4AI score0.01457EPSS
Exploits0References5
CVE
CVE
added 2021/08/31 4:20 p.m.131 views

CVE-2021-39164

CVE-2021-39164 affects Matrix Synapse (Matrix.org) up to version 1.41.0. It allows unauthenticated users to enumerate a room’s membership (list of members with display names) if the user knows the room ID, but only for rooms with shared history visibility and only when the user’s account is on a ...

3.5CVSS3.9AI score0.01457EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2021/08/31 4:20 p.m.29 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS4.2AI score0.01457EPSS
Exploits0
NVD
NVD
added 2021/08/31 4:15 p.m.16 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS0.00892EPSS
Exploits0References5
OSV
OSV
added 2021/08/31 4:15 p.m.32 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS3.4AI score
Exploits0References5
OSV
OSV
added 2021/08/31 4:15 p.m.1 views

DEBIAN-CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS6.4AI score0.00892EPSS
Exploits0References1
OSV
OSV
added 2021/08/31 4:15 p.m.3 views

UBUNTU-CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS7.2AI score0.00892EPSS
Exploits0References6
Prion
Prion
added 2021/08/31 4:15 p.m.19 views

Design/Logic Flaw

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS3.4AI score0.00892EPSS
Exploits0References5Affected Software2
OSV
OSV
added 2021/08/31 4:15 p.m.26 views

PYSEC-2021-424

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS1.5AI score0.00892EPSS
Exploits0References5
Rows per page
Query Builder