CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-3430

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00134EPSS

Exploits0References4

Tenable Nessus•added 2025/08/30 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2023-32323

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to...

5CVSS5.9AI score0.00142EPSS

Exploits1References2

Veracode•added 2024/12/11 7:55 a.m.•7 views

Sensitive Information Exposure

Matrix-synapse is vulnerable to information disclosure. The vulnerability is due to improper handling of Sliding Sync, which can leak partial room state changes to users who are no longer in a room, while non-state events remain unaffected...

4.3CVSS5.9AI score0.00134EPSS

Exploits0References4Affected Software2

SUSE CVE•added 2024/12/04 3:48 a.m.•1 views

SUSE CVE-2024-53867

Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...

4.3CVSS6.7AI score0.00134EPSS

Exploits0References3

Github Security Blog•added 2024/12/03 6:44 p.m.•22 views

Synapse Matrix has a partial room state leak via Sliding Sync

Impact The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. Patches Synapse version 1.120.1 fixes the problem. Workarounds Disable Sliding Sync. References...

4.3CVSS6.5AI score0.00134EPSS

Exploits0References4Affected Software1

OSV•added 2024/12/03 6:44 p.m.•14 views

GHSA-56W4-5538-8V8H Synapse Matrix has a partial room state leak via Sliding Sync

4.3CVSS4.5AI score0.00134EPSS

Exploits0References4

NVD•added 2024/12/03 5:15 p.m.•16 views

CVE-2024-53867

4.3CVSS0.00134EPSS

Exploits0References2

OSV•added 2024/12/03 5:15 p.m.•2 views

DEBIAN-CVE-2024-53867

4.3CVSS6.6AI score0.00134EPSS

Exploits0References1

OSV•added 2024/12/03 5:15 p.m.•0 views

UBUNTU-CVE-2024-53867

4.3CVSS5.8AI score0.00134EPSS

Exploits0References4

OSV•added 2024/12/03 4:52 p.m.•10 views

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

4.3CVSS6AI score0.00134EPSS

Exploits0References4

CVE•added 2024/12/03 4:52 p.m.•65 views

CVE-2024-53867

Synapse (Matrix homeserver) Sliding Sync flaw affects versions 1.113.0rc1 through 1.120.0, leaking partial room state changes to users who left the room. Non-state events (e.g., messages) are not affected. The issue is fixed in 1.120.1. Affected CVE: CVE-2024-53867. No exploitation details are pr...

4.3CVSS4.3AI score0.00134EPSS

Exploits0References2

Vulnrichment•added 2024/12/03 4:52 p.m.•12 views

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

4.3CVSS6.5AI score0.00134EPSS

Exploits0References2

Cvelist•added 2024/12/03 4:52 p.m.•22 views

CVE-2024-53867 Synapse Matrix has a partial room state leak via Sliding Sync

4.3CVSS0.00134EPSS

Exploits0References2

Positive Technologies•added 2024/12/03 12:0 a.m.•2 views

PT-2024-35965 · Synapse · Synapse

Name of the Vulnerable Software and Affected Versions: Synapse versions 1.113.0rc1 through 1.120.0 Description: The Sliding Sync feature in Synapse can leak partial room state changes to users who are no longer in a room. This issue does not affect non-state events, such as messages...

8.7CVSS6.4AI score0.01089EPSS

Exploits0References20

CNNVD•added 2024/12/03 12:0 a.m.•1 views

Element Synapse 安全漏洞

Element Synapse is an open source Matrix Home Server implementation from Element Open Source. A security vulnerability exists in Element Synapse that stems from the Sliding Sync feature that may leak some room state changes to users who are no longer in the room...

4.3CVSS6.3AI score0.00134EPSS

Exploits0References3

Veracode•added 2023/06/02 1:21 p.m.•12 views

Denial Of Service (DoS)

matrix-synapse is vulnerable to Denial Of Service DoS. The vulnerability is due to faulty room state checks; if Synapse and a malicious homeserver are both in the same room, the malicious homeserver can trick Synapse into accepting rejected events into the state of the room, which can be exploite...

6.5CVSS6.6AI score0.00169EPSS

Exploits0References4Affected Software2

SUSE CVE•added 2023/05/27 2:28 a.m.•2 views

SUSE CVE-2023-32323

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disable...

5CVSS6.9AI score0.00142EPSS

Exploits1References3

OSV•added 2023/05/26 2:15 p.m.•1 views

DEBIAN-CVE-2023-32323

4.3CVSS6.8AI score0.00142EPSS

Exploits1References1

PyPA•added 2023/05/26 2:15 p.m.•4 views

PYSEC-2023-67

5CVSS6.8AI score0.00142EPSS

Exploits1References4Affected Software1

PyPA•added 2023/05/26 2:15 p.m.•7 views

PYSEC-2023-66

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. If Synapse and a malicious homeserver are both joined to the same room, the malicious homeserver can trick Synapse into accepting previously rejected events into its view of the current state of that...

6.5CVSS6.8AI score0.00169EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by