Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.12 views

CVE-2026-40300

Zulip is an open-source team collaboration tool. Prior to 12.0, With messageedithistoryvisibilitypolicy set to "moves", /api/v1/messages/id/history still returns historical content values, allowing low-privilege users to recover text that was edited away from other users' messages. This...

6.5CVSS5.5AI score0.00247EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/24 8:28 p.m.5 views

CVE-2025-55067

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

7.1CVSS6.9AI score0.00428EPSS
Exploits0References1
OSV
OSV
added 2022/09/30 12:40 a.m.57 views

GHSA-6263-X97C-C4GG matrix-js-sdk subject to impersonated messages due to permissive key forwarding

Impact An attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the matrix-js-sdk implementing a too...

7.5CVSS8AI score0.0099EPSS
Exploits0References8
Veracode
Veracode
added 2021/09/01 7:35 a.m.39 views

Privilege Escalation

matrixsynapse is vulnerable to privilege escalation. An unauthorised user knowing Room ID of a private room and setting room's history visibility to shared is allowed to enumerate the room's members, including their display names...

3.1CVSS4.2AI score0.01457EPSS
Exploits0References7Affected Software3
NVD
NVD
added 2021/08/31 5:15 p.m.25 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS0.01457EPSS
Exploits0References5
OSV
OSV
added 2021/08/31 5:15 p.m.1 views

DEBIAN-CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS6.8AI score0.01457EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/08/31 5:15 p.m.38 views

CVE-2021-39164

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.5CVSS6.8AI score0.01457EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/08/31 4:20 p.m.28 views

CVE-2021-39164 Improper authorisation of /members discloses room membership to non-members

Matrix is an ecosystem for open federated Instant Messaging and Voice over IP. In versions 1.41.0 and prior, unauthorised users can access the membership list of members, with their display names of a room if they know the ID of the room. The vulnerability is limited to rooms with shared history...

3.1CVSS4AI score0.01457EPSS
Exploits0References5
Rows per page
Query Builder