Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3661 matches found

AlpineLinux
AlpineLinuxadded 2021/08/31 4:20 p.m.42 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS4.1AI score0.01457EPSS
Exploits0
Debian CVE
Debian CVEadded 2021/08/31 4:20 p.m.29 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS4.2AI score0.01457EPSS
Exploits0
NVD
NVDadded 2021/08/31 4:15 p.m.15 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS0.00892EPSS
Exploits0References5
OSV
OSVadded 2021/08/31 4:15 p.m.31 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS3.4AI score
Exploits0References5
OSV
OSVadded 2021/08/31 4:15 p.m.1 views

DEBIAN-CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS6.4AI score0.00892EPSS
Exploits0References1
PyPA
PyPAadded 2021/08/31 4:15 p.m.3 views

PYSEC-2021-424

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS6.4AI score0.00892EPSS
Exploits0References5Affected Software1
UbuntuCve
UbuntuCveadded 2021/08/31 4:15 p.m.26 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS6.8AI score0.00892EPSS
Exploits0References5
Prion
Prionadded 2021/08/31 4:15 p.m.18 views

Design/Logic Flaw

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS3.4AI score0.00892EPSS
Exploits0References5Affected Software2
vulnersOsv
vulnersOsvadded 2021/08/31 4:15 p.m.4 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2021-39163 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2021-39163 Source advisory: OSV:PYSEC-2021-424...

3.5CVSS6.5AI score0.00892EPSS
Exploits0
OSV
OSVadded 2021/08/31 4:15 p.m.3 views

UBUNTU-CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS7.2AI score0.00892EPSS
Exploits0References6
OSV
OSVadded 2021/08/31 4:15 p.m.26 views

PYSEC-2021-424

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS1.5AI score0.00892EPSS
Exploits0References5
CVE
CVEadded 2021/08/31 4:0 p.m.137 views

CVE-2021-39163

CVE-2021-39163 affects Matrix Synapse (Matrix.org) up to version 1.41.0, where unauthorised users could learn a room’s name, avatar, topic, and member count by knowing the room ID. Impact is limited to homeservers that have enable_group_creation set to true; administrators can already access this...

3.5CVSS3.7AI score0.00892EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2021/08/31 4:0 p.m.23 views

CVE-2021-39163 Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner.

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.1CVSS3.7AI score0.00892EPSS
Exploits0References5
AlpineLinux
AlpineLinuxadded 2021/08/31 4:0 p.m.55 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS3.9AI score0.00892EPSS
Exploits0
Debian CVE
Debian CVEadded 2021/08/31 4:0 p.m.23 views

CVE-2021-39163

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where the vulnerable...

3.5CVSS3.9AI score0.00892EPSS
Exploits0
CNNVD
CNNVDadded 2021/08/31 12:0 a.m.3 views

Matrix 信息泄露漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix suffers from an information disclosure vulnerability that stems from the product not doing valid authentication of access user privileges. An attacker could access members' sensitive information via another...

3.5CVSS5.6AI score0.01457EPSS
Exploits0References6
CNNVD
CNNVDadded 2021/08/31 12:0 a.m.3 views

Matrix 信息泄露漏洞

Matrix is an ambitious new ecosystem for open federated instant messaging and VoIP. Matrix 1.41.0 and earlier versions have an information disclosure vulnerability that could be exploited by attackers to access room names, avatars, topics and member counts...

3.5CVSS5.6AI score0.00892EPSS
Exploits0References6
FreeBSD
FreeBSDadded 2021/08/31 12:0 a.m.30 views

py-matrix-synapse -- several vulnerabilities

Matrix developers report: This release patches two moderate severity issues which could reveal metadata about private rooms: CVE-2021-39164: Enumerating a private room's list of members and their display names. CVE-2021-39163: Disclosing a private room's name, avatar, topic, and number of members...

3.5CVSS2.5AI score0.01457EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2021/08/25 8:59 p.m.27 views

Use of Uninitialized Resource in alg_ds

An issue was discovered in the algds crate through 2020-08-25 for Rust. Matrix::new internally calls Matrix::fillwith which uses ptr = value pattern to initialize the buffer. This pattern assumes that there is an initialized struct at the address and drops it, which results in dropping of...

9.8CVSS8.9AI score0.0123EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2021/08/25 8:59 p.m.14 views

GHSA-3VV3-FRRQ-6486 Use of Uninitialized Resource in alg_ds

An issue was discovered in the algds crate through 2020-08-25 for Rust. Matrix::new internally calls Matrix::fillwith which uses ptr = value pattern to initialize the buffer. This pattern assumes that there is an initialized struct at the address and drops it, which results in dropping of...

9.8CVSS9.4AI score0.0123EPSS
Exploits0References4
Rows per page
Query Builder