Lucene search
K

347 matches found

OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.5 views

Fedora: Security Advisory (FEDORA-2025-cddcfd6518)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2025-63751ef564)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.01157EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/04/23 12:0 a.m.15 views

Ubuntu: Security Advisory (USN-7444-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.3AI score0.01463EPSS
Exploits0References2
OSV
OSV
added 2025/04/22 5:24 p.m.6 views

USN-7444-1 matrix-synapse vulnerabilities

It was discovered that Synapse network policies could be bypassed via specially crafted URLs. An attacker could possibly use this issue to bypass authentication mechanisms. CVE-2023-32683 It was discovered that Synapse exposed cached device information. An attacker could possibly use this issue t...

9.1CVSS6.8AI score0.01463EPSS
Exploits0References9
Fedora
Fedora
added 2025/04/11 6:32 p.m.14 views

[SECURITY] Fedora 42 Update: matrix-synapse-1.127.1-1.fc42

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

7.5CVSS6.8AI score0.01157EPSS
Exploits0
Fedora
Fedora
added 2025/04/07 1:25 a.m.10 views

[SECURITY] Fedora 41 Update: matrix-synapse-1.118.0-4.fc41

Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix from the core development team at matrix.org, written in Python/Twisted. It is intended to showcase the concept of Matrix and let folks see the spec in...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/07 12:0 a.m.5 views

Fedora 41 : matrix-synapse (2025-cddcfd6518)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cddcfd6518 advisory. Backport fixes from v1.127.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

5.6AI score
Exploits0References1
OpenVAS
OpenVAS
added 2025/04/07 12:0 a.m.7 views

Fedora: Security Advisory (FEDORA-2025-cef83410f7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/04/05 12:0 a.m.3 views

Fedora 40 : matrix-synapse (2025-cef83410f7)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-cef83410f7 advisory. Backport fixes from v1.127.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not teste...

5.6AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/03/29 12:0 a.m.4 views

matrix-synapse-1.127.1-1.1 on GA media (moderate)

matrix-synapse-1.127.1-1.1 on GA media Announcement ID: openSUSE-SU-2025:14939-1 Rating: moderate Cross-References: CVE-2025-30355 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

7.5CVSS7.3AI score0.01157EPSS
Exploits0
OSV
OSV
added 2025/03/28 12:0 a.m.4 views

OPENSUSE-SU-2025:14939-1 matrix-synapse-1.127.1-1.1 on GA media

These are all security issues fixed in the matrix-synapse-1.127.1-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.8AI score0.01157EPSS
Exploits0References2
Snyk
Snyk
added 2025/03/27 6:2 p.m.2 views

Improper Input Validation

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Improper Input Validation. A malicious server can disrupt the normal operation and prevent the application from federating with other servers by crafting even...

7.5CVSS6.9AI score0.01157EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/03/27 6:2 p.m.37 views

raiden (>=0.100.2 <=0.100.3rc1) potentially affected by CVE-2025-30355 via matrix-synapse (=0.33.9)

matrix-synapse PYPI version =0.33.9 is affected by a known vulnerability. The following packages have a transitive dependency on matrix-synapse and may be impacted: - raiden =0.100.2, =0.100.3rc1 Source cves: CVE-2025-30355 Source advisory: OSV:GHSA-V56R-HWV5-MXG6...

7.5CVSS5.8AI score0.01157EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/12/13 12:0 a.m.14 views

Fedora: Security Advisory (FEDORA-2024-995720f767)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.5AI score0.00715EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.8 views

Fedora 41 : matrix-synapse (2024-4cadba7a29)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-4cadba7a29 advisory. CVE-2024-52805, CVE-2024-52815, CVE-2024-53863, CVE-2024-53867 ---- Backport fixes from v1.120.1 Tenable has extracted the preceding description blo...

9.1CVSS6.5AI score0.00715EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.7 views

Fedora 40 : matrix-synapse (2024-995720f767)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-995720f767 advisory. CVE-2024-52805, CVE-2024-52815, CVE-2024-53863 ---- Backport fixes from v1.120.1 Tenable has extracted the preceding description block directly from...

9.1CVSS6.5AI score0.00715EPSS
Exploits0References4
Veracode
Veracode
added 2024/12/11 7:55 a.m.9 views

Sensitive Information Exposure

Matrix-synapse is vulnerable to information disclosure. The vulnerability is due to improper handling of Sliding Sync, which can leak partial room state changes to users who are no longer in a room, while non-state events remain unaffected...

4.3CVSS5.9AI score0.00427EPSS
Exploits0References4Affected Software2
OSV
OSV
added 2024/12/04 12:0 a.m.5 views

OPENSUSE-SU-2024:14541-1 matrix-synapse-1.120.2-1.1 on GA media

These are all security issues fixed in the matrix-synapse-1.120.2-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS6.8AI score0.00715EPSS
Exploits0References6
Snyk
Snyk
added 2024/12/03 6:44 p.m.3 views

Exposure of Sensitive System Information to an Unauthorized Control Sphere

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Exposure of Sensitive System Information to an Unauthorized Control Sphere via the Sliding Sync feature. An attacker can leak partial room state changes to...

5.3CVSS6.7AI score0.00427EPSS
Exploits0References2
Snyk
Snyk
added 2024/12/03 6:44 p.m.1 views

Arbitrary File Upload

Overview matrix-synapse is an ecosystem for open federated Instant Messaging and VoIP. Affected versions of this package are vulnerable to Arbitrary File Upload due to the dynamicthumbnails option or processing a specially crafted request. An attacker can exploit this to execute arbitrary code or...

9.1CVSS7.8AI score0.00625EPSS
Exploits0References2
Rows per page
Query Builder