3 matches found
GHSA-JJ53-8FMW-F2W2 Adding a private/unlisted room to a community exposes room metadata in an unauthorised manner.
Impact: Unauthorised users can access the name, avatar, topic and number of members of a room if they know the ID of the room. This vulnerability is limited to homeservers where: (1) the vulnerable homeserver is in the room; and (2) untrusted users are permitted to create groups communities. By defaul...
Privilege Escalation
matrix-synapse is vulnerable to privilege escalation. Any unauthorized user who knows the Room ID of a private room can disclose that room's name, avatar, topic, and number of members through Group/Community features...
Chaturbate: Rate limit missing at room login
Hello there, Users are able to protect their broadcasting with a password, so only password-granted visitors can log in to the broadcast room. I noticed that a rate limit is missing at the endpoint /roomlogin/user/, which enables me to brute-force the password field. I made 1k+ requests but still server not blo...