Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/06/07 8:58 p.m.14 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-45076

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that...

5.1CVSS5.5AI score0.00369EPSS
Exploits0References2
PyPA
PyPA
added 2026/05/28 5:16 p.m.9 views

PYSEC-0000-CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
PyPA
PyPA
added 2026/05/28 5:16 p.m.9 views

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.4AI score0.00369EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/28 5:16 p.m.10 views

PYSEC-2026-194

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

2.7CVSS5.4AI score0.00369EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/28 3:50 p.m.36 views

CVE-2026-45076 Synapse pagination denial of service

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS0.00369EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/28 3:50 p.m.16 views

CVE-2026-45076 Synapse pagination denial of service

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/28 3:50 p.m.7 views

CVE-2026-45076

Synapse is an open source Matrix homeserver implementation. Prior to 1.152.1, in federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. This...

5.1CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/05/14 4:18 p.m.7 views

GHSA-6QF2-7X63-MM6V Synapse pagination Denial of Service

Impact In federated rooms, malicious homeservers can craft room events in such a way that prevents Synapse from providing full history to paginating clients. Clients could therefore fail to display room history. Patches Update to Synapse 1.152.1 or later. Workarounds There are no known workaround...

6.9CVSS5.9AI score0.00369EPSS
Exploits0References4
Snyk
Snyk
added 2026/05/14 4:18 p.m.8 views

Improper Check for Unusual or Exceptional Conditions

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the pagination process for federated rooms. An attacker can cause clients to fail to display room...

6.9CVSS5.8AI score0.00369EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.22 views

PT-2026-41158

Name of the Vulnerable Software and Affected Versions Synapse versions prior to 1.152.1 Description In federated rooms, malicious homeservers can craft room events that prevent the server from providing full history to paginating clients. This can result in clients failing to display the room...

6.9CVSS5.8AI score0.00369EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/05/23 7:54 a.m.10 views

CVE-2024-42552

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the bookid parameter at adminroomhistory.php...

8.6CVSS8.3AI score0.00529EPSS
Exploits1References1
NVD
NVD
added 2024/08/20 1:15 p.m.15 views

CVE-2024-42552

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the bookid parameter at adminroomhistory.php...

8.6CVSS0.00529EPSS
Exploits1References1
OSV
OSV
added 2024/08/20 1:15 p.m.2 views

CVE-2024-42552

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the bookid parameter at adminroomhistory.php...

8.6CVSS5.8AI score0.00529EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.6 views

Hotel-Management-System 安全漏洞

Hotel-Management-System is a hotel management system by the individual developer Vaibhav Verma. Hotel-Management-System has a security vulnerability that stems from the bookid parameter of adminroomhistory.php containing an SQL injection vulnerability...

8.6CVSS7.9AI score0.00529EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.7 views

PT-2024-30011 · Unknown · Hotel Management System

Name of the Vulnerable Software and Affected Versions: Hotel Management System version 91caab8 Description: A SQL injection vulnerability was discovered in the Hotel Management System via the book id parameter at the "admin room history.php" endpoint. This issue allows for potential unauthenticat...

8.6CVSS8.2AI score0.00529EPSS
Exploits1References7
Rows per page
Query Builder