7 matches found
EUVD-2023-0134
Malicious code in bioql PyPI...
EUVD-2022-0153
Malicious code in bioql PyPI...
EUVD-2024-3430
Malicious code in bioql PyPI...
EUVD-2024-0099
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-37302
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver. Synapse versions before 1.106 are vulnerable to a disk fill attack, where an unauthenticated adversary can induce...
CVE-2024-37303 Synapse unauthenticated writes to the media repository allow planting of problematic content
Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...
CVE-2024-53867
Synapse is an open-source Matrix homeserver. The Sliding Sync feature on Synapse versions between 1.113.0rc1 and 1.120.0 can leak partial room state changes to users no longer in a room. Non-state events, like messages, are unaffected. This vulnerability is fixed in 1.120.1...