Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3660 matches found

OSV
OSVadded 2019/11/08 12:15 a.m.12 views

CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS9.5AI score
Exploits0References2
OSV
OSVadded 2019/11/08 12:15 a.m.2 views

DEBIAN-CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS7AI score0.00864EPSS
Exploits0References1
Prion
Prionadded 2019/11/08 12:15 a.m.15 views

Code injection

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

7.5CVSS9.4AI score0.00864EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsvadded 2019/11/08 12:15 a.m.4 views

matrix-server-isenguard (>=0.1.1 <=0.2.0), matrix-temp-mail-checker (>=0.1.2 <=0.1.5) +6 more potentially affected by CVE-2019-18835 via matrix-synapse (>=0.33.9 <=1.153.0)

matrix-synapse PYPI version =0.33.9, =0.1.1, =0.1.2, =0.100.2, =0.1.0, =0.1.0, =0.8.0, =0.8.4 Source cves: CVE-2019-18835 Source advisory: OSV:PYSEC-2019-186...

9.8CVSS7.6AI score0.00864EPSS
Exploits0
UbuntuCve
UbuntuCveadded 2019/11/08 12:15 a.m.25 views

CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS7.2AI score0.00864EPSS
Exploits0References4
PyPA
PyPAadded 2019/11/08 12:15 a.m.5 views

PYSEC-2019-186

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS7AI score0.00864EPSS
Exploits0References3Affected Software1
OSV
OSVadded 2019/11/08 12:15 a.m.2 views

UBUNTU-CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS7.2AI score0.00864EPSS
Exploits0References5
OSV
OSVadded 2019/11/08 12:15 a.m.26 views

PYSEC-2019-186

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS2.7AI score0.00864EPSS
Exploits0References3
Cvelist
Cvelistadded 2019/11/07 11:12 p.m.23 views

CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.5AI score0.00864EPSS
Exploits0References2
CVE
CVEadded 2019/11/07 11:12 p.m.152 views

CVE-2019-18835

CVE-2019-18835 affects Matrix Synapse prior to 1.5.0. The root cause is improper signature verification on federation APIs; events sent over /send_join, /send_leave, and /invite may not be correctly signed or may not originate from the expected servers. This can allow spoofing or impersonation of...

9.8CVSS9.3AI score0.00864EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2019/11/07 11:12 p.m.19 views

CVE-2019-18835

Matrix Synapse before 1.5.0 mishandles signature checking on some federation APIs. Events sent over /sendjoin, /sendleave, and /invite may not be correctly signed, or may not come from the expected servers...

9.8CVSS8.7AI score0.00864EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2019/11/07 12:0 a.m.4 views

PT-2019-15690 · Matrix +2 · Matrix Synapse +2

Name of the Vulnerable Software and Affected Versions: Matrix Synapse versions prior to 1.5.0 Description: The issue concerns the mishandling of signature checking on some federation APIs. Events sent over "/send join", "/send leave", and "/invite" API endpoints may not be correctly signed, or ma...

9.8CVSS7.7AI score0.02418EPSS
Exploits0References32
FreeBSD
FreeBSDadded 2019/10/29 12:0 a.m.14 views

py-matrix-synapse -- missing signature checks on some federation APIs

Matrix developers report: Make sure that ... events sent over /sendjoin, /sendleave, and /invite, are correctly signed and come from the expected servers...

3.1AI score
Exploits0References2
GithubExploit
GithubExploitadded 2019/10/23 7:50 p.m.5 views

frontend

!Build Statushttps://github.com/DependencyTrack/frontend/act...

6.7AI score
Exploits0
NVD
NVDadded 2019/09/25 5:15 p.m.18 views

CVE-2019-16880

An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zipelements method...

9.8CVSS9.6AI score0.01691EPSS
Exploits1References1
Prion
Prionadded 2019/09/25 5:15 p.m.11 views

Double free

An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zipelements method...

7.5CVSS9.6AI score0.01691EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2019/09/25 4:17 p.m.43 views

CVE-2019-16880

The CVE-2019-16880 entry concerns the Rust crate linea up to version 0.9.4, where a double free vulnerability exists in the Matrix::zip_elements method. Multiple connected advisories (e.g., RUSTSEC-2019-0021 / GHSA) describe that affected crate versions may panic in trait implementations, enablin...

9.8CVSS9.5AI score0.01691EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2019/09/25 4:17 p.m.21 views

CVE-2019-16880

An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zipelements method...

9.6AI score0.01691EPSS
Exploits1References1
OSV
OSVadded 2019/09/14 12:0 p.m.11 views

RUSTSEC-2019-0021 `Matrix::zip_elements` causes double free

Affected versions of this crate did not properly implements the Matrix::zipelements method, which causes an double free when the given trait implementation might panic. This allows an attacker to corrupt or take control of the memory. The flaw was corrected by Phosphorus15...

9.8CVSS9.6AI score0.01691EPSS
Exploits1References3
Atlassian
Atlassianadded 2019/08/19 7:0 p.m.104 views

URL Path Traversal in Jira Service Desk Server and Jira Service Desk Data Center Allows Information Disclosure - CVE-2019-14994

A URL path traversal vulnerability in Jira Service Desk Server and Jira Service Desk Data Center allows a remote attacker with portal access to view all issues from all projects in the affected instance. This could include Jira Service Desk projects, Jira Core projects, and Jira Software projects...

7.5CVSS1.5AI score0.05099EPSS
Exploits1Affected Software1
Rows per page
Query Builder