Lucene search

28 matches found

OSV
added 3 days ago, 4 views

GHSA-WFQ4-36M3-9G42 Matrix Rust SDK: Sender-binding gaps in to-device and room-key attribution

Impact: The matrix-sdk-crypto crate before 0.16.1 is missing a check for the sender's user ID when decrypting an Olm-encrypted to-device message containing the sender_device_keys property. This could be exploited to spoof the sender of an encrypted to-device message, but only if the attacker collude...

CVSS: 6.9, AI score: 5.8
Exploits: 0, References: 5
Positive Technologies
added 4 days ago, 8 views

PT-2026-46305

Name of the Vulnerable Software and Affected Versions: matrix-sdk-crypto versions prior to 0.16.1. Description: The matrix-sdk-crypto crate fails to verify the sender's user ID during the decryption of Olm-encrypted to-device messages that include the sender device keys property. This flaw allows an...

CVSS: 6.9, AI score: 5.8
Exploits: 0, References: 8
ATTACKERKB
added 2026/04/20 10:1 p.m., 0 views

CVE-2026-6729

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00043
Exploits: 1, References: 4
Positive Technologies
added 2026/04/20 12:0 a.m., 2 views

PT-2026-33856

HKUDS OpenHarness prior to PR 159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to hijack other users' sessions by exploiting a shared ohmo session key that lacks sender identity verification. Attackers can reuse...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00043
Exploits: 1, References: 5
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2013-0313

Malware in sbrugna...

CVSS: 7.2, AI score: 6, EPSS: 0.00223
Exploits: 2, References: 21
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-19092

Malware in sbrugna...

CVSS: 9.8, AI score: 9.2, EPSS: 0.00207
Exploits: 0, References: 3
RedhatCVE
added 2025/05/22 3:50 p.m., 3 views

CVE-2020-26547

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...

CVSS: 9.8, AI score: 7, EPSS: 0.00207
Exploits: 0
SUSE CVE
added 2023/02/15 6:21 a.m., 2 views

SUSE CVE-2004-0399

Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification...

CVSS: 7.5, AI score: 8.1, EPSS: 0.42079
Exploits: 1, References: 3
The Hacker News
added 2021/09/27 11:21 a.m., 32 views

How Does DMARC Prevent Phishing?

DMARC is a global standard for email authentication. It allows senders to verify that the email really comes from whom it claims to come from. This helps curb spam and phishing attacks, which are among the most prevalent cybercrimes of today. Gmail, Yahoo, and many other large email providers hav...

Exploits: 0
OSV
added 2021/02/01 2:15 a.m., 1 views

CVE-2020-26547

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...

CVSS: 9.8, AI score: 7.5, EPSS: 0.00207
Exploits: 0, References: 2
NVD
added 2021/02/01 2:15 a.m., 11 views

CVE-2020-26547

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...

CVSS: 9.8, AI score: 9.2, EPSS: 0.00207
Exploits: 0, References: 2
Prion
added 2021/02/01 2:15 a.m., 9 views

Design/Logic Flaw

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...

CVSS: 5, AI score: 9.1, EPSS: 0.00207
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2021/02/01 1:2 a.m., 53 views

CVE-2020-26547

Monal

CVSS: 9.8, AI score: 9.1, EPSS: 0.00207
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2021/02/01 1:2 a.m., 9 views

CVE-2020-26547

Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon XEP-0280 results. This allows a remote attacker able to send stanzas to a victim to inject arbitrary messages into the local history, with full control over the sender and receiver displayed to the victim...

AI score: 9.3, EPSS: 0.00207
Exploits: 0, References: 2
seebug.org
added 2014/07/01 12:0 a.m., 28 views

Exim Sender 3.35 Verification Remote Stack Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10290/info Exim has been reported prone to a remotely exploitable stack-based buffer overrun vulnerability. This is exposed if sender verification has been enabled in the agent and may be triggered by a malicious e-mail...

AI score: 7.1
Exploits: 0
Cisco Threats
added 2013/10/09 3:28 p.m., 73 views

Threat Outbreak Alert: Fake Bank Swift Payment Notification Email Messages on October 8, 2013

Medium. Alert ID: 31173. First Published: 2013 October 9 15:28 GMT. Version: 1. Summary: Cisco Security has detected significant activity related to spam email messages that claim to contain bank payment information for the recipient. The text in the email message attempts to convince the recipient...

AI score: 0.3
Exploits: 0
UbuntuCve
added 2013/02/15 12:0 a.m., 19 views

CVE-2013-0292

The dbus_g_proxy_manager_filter function in dbus-gproxy in Dbus-glib before 0.100.1 does not properly verify the sender of NameOwnerChanged signals, which allows local users to gain privileges via a spoofed signal...

CVSS: 7.2, AI score: 5.9, EPSS: 0.00223
Exploits: 2, References: 3
OSV
added 2006/11/14 10:7 p.m., 1 views

DEBIAN-CVE-2006-5461

Avahi before 0.6.15 does not verify the sender identity of netlink messages to ensure that they come from the kernel instead of another process, which allows local users to spoof network changes to Avahi...

CVSS: 2.1, AI score: 6.5, EPSS: 0.00079
Exploits: 0, References: 1
Tenable Nessus
added 2004/09/29 12:0 a.m., 22 views

Debian DSA-501-1 : exim - buffer overflow

Georgi Guninski discovered two stack-based buffer overflows. They can not be exploited with the default configuration from the Debian system, though. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2004-0399 When...

CVSS: 7.5, AI score: 5.8, EPSS: 0.42079
Exploits: 2, References: 3
UbuntuCve
added 2004/07/07 4:0 a.m., 16 views

CVE-2004-0399

Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification...

CVSS: 7.5, AI score: 6.5, EPSS: 0.42079
Exploits: 1, References: 1