CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2020/12/09 7:15 p.m.•2 views

DEBIAN-CVE-2020-26257

6.5CVSS7AI score0.02363EPSS

Exploits0References1

UbuntuCve•added 2020/12/09 7:15 p.m.•21 views

CVE-2020-26257

vulnersOsv•added 2020/12/09 7:15 p.m.•4 views

Exploits0References5

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2020-26257 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2020-26257 Source advisory: OSV:PYSEC-2020-236...

OSV•added 2020/12/09 7:15 p.m.•1 views

UBUNTU-CVE-2020-26257

6.5CVSS7.3AI score0.02363EPSS

Prion•added 2020/12/09 7:15 p.m.•19 views

Design/Logic Flaw

4CVSS6.3AI score0.02363EPSS

Exploits0References6Affected Software2

PyPA•added 2020/12/09 7:15 p.m.•3 views

PYSEC-2020-236

6.5CVSS7AI score0.02363EPSS

Exploits0References6Affected Software1

OSV•added 2020/12/09 7:15 p.m.•17 views

PYSEC-2020-236

6.5CVSS3.1AI score0.02363EPSS

Cvelist•added 2020/12/09 6:25 p.m.•28 views

CVE-2020-26257 Denial of service attack via incorrect parameters to federation APIs

6.5CVSS6.4AI score0.02363EPSS

CVE•added 2020/12/09 6:25 p.m.•110 views

CVE-2020-26257

CVE-2020-26257 affects Matrix Synapse, the Matrix homeserver. A malicious or poorly-implemented homeserver can inject malformed events by specifying a different room_id in the path of /send_join, /send_leave, /invite, or /exchange_third_party_invite, leading to a denial of service where future fe...

6.5CVSS6.6AI score0.02363EPSS

Exploits0References6Affected Software1

Debian CVE•added 2020/12/09 6:25 p.m.•22 views

CVE-2020-26257

6.5CVSS6.6AI score0.02363EPSS

AlpineLinux•added 2020/12/09 6:25 p.m.•33 views

CVE-2020-26257

6.5CVSS6.7AI score0.02363EPSS

vulnersOsv•added 2020/12/09 6:21 p.m.•3 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2020-26257 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2020-26257 Source advisory: OSV:GHSA-HXMP-PQCH-C8MM...

OSV•added 2020/12/09 6:21 p.m.•17 views

GHSA-HXMP-PQCH-C8MM Denial of service attack via incorrect parameters in Matrix Synapse

Impact A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id in the path of a /sendjoin, /sendleave, /invite or /exchangethirdpartyinvite request. This can lead to a denial of service in which future events will not be correctly sen...

7.1CVSS6.4AI score0.02363EPSS

Exploits0References8

Github Security Blog•added 2020/12/09 6:21 p.m.•38 views

Denial of service attack via incorrect parameters in Matrix Synapse

6.5CVSS2.6AI score0.02363EPSS

Exploits0References9Affected Software1

Tenable Nessus•added 2020/12/09 12:0 a.m.•89 views

SUSE SLES15 Security Update : java-1_8_0-openjdk (SUSE-SU-2020:3460-1)

This update for java-180-openjdk fixes the following issues : Fix regression '8250861: Crash in MinINode::IdealPhaseGVN, bool', introduced in October 2020 CPU. Update to version jdk8u272 icedtea 3.17.0 July 2020 CPU, bsc1174157, and October 2020 CPU, bsc1177943 - New features + JDK-8245468: Add...

8.3CVSS6.9AI score0.04315EPSS

Exploits0References35

CNNVD•added 2020/12/09 12:0 a.m.•54 views

Matrix Synapse 资源管理错误漏洞

Matrix Synapse is a Matrix Management Server implementation from the Matrix Foundation in the UK. Matrix Synapse suffers from a security vulnerability that stems from the fact that a malicious or poorly implemented host server can inject malformed events by specifying different room ids in the pa...