Cookie Consent by Free Privacy Policy Generator 📌 CVE-2022-39257


✅ CVE-2022-39257


💡 Newskategorie: Sicherheitslücken
🔗 Quelle: web.nvd.nist.gov

Matrix iOS SDK allows developers to build iOS apps compatible with Matrix. Prior to version 0.23.19, an attacker cooperating with a malicious homeserver can construct messages appearing to have come from another person. Such messages will be marked with a grey shield on some platforms, but this may be missing in others. This attack is possible due to the matrix-ios-sdk implementing a too permissive key forwarding strategy. The default policy for accepting key forwards has been made more strict in the matrix-ios-sdk version 0.23.19. matrix-ios-sdk will now only accept forwarded keys in response to previously issued requests and only from own, verified devices. The SDK now sets a `trusted` flag on the decrypted message upon decryption, based on whether the key used to decrypt the message was received from a trusted source. Clients need to ensure that messages decrypted with a key with `trusted = false` are decorated appropriately (for example, by showing a warning for such messages). This attack requires coordination between a malicious home server and an attacker, so those who trust their home servers do not need a workaround. ...

✅ Bugtraq: Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831


📈 4.06 Punkte

✅ Bugtraq: CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom


📈 3.05 Punkte

✅ Bugtraq: CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom


📈 3.05 Punkte

✅ Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


📈 3.05 Punkte

✅ Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


📈 3.05 Punkte

✅ Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)


📈 3.05 Punkte

✅ Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


📈 3.05 Punkte

✅ Bugtraq: CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak)


📈 2.03 Punkte

✅ Bugtraq: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778


📈 2.03 Punkte

✅ [papers] - Roaming Through the OpenSSH Client: CVE-2016-0777 and CVE-2016-0778


📈 2.03 Punkte

✅ Bugtraq: CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)


📈 2.03 Punkte

✅ Bugtraq: MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )


📈 2.03 Punkte

✅ Bugtraq: CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak)


📈 2.03 Punkte

✅ Bugtraq: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778


📈 2.03 Punkte

✅ [papers] - Roaming Through the OpenSSH Client: CVE-2016-0777 and CVE-2016-0778


📈 2.03 Punkte

✅ Bugtraq: CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)


📈 2.03 Punkte

✅ Bugtraq: MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )


📈 2.03 Punkte

✅ Bugtraq: Multiple Vulnerabilities in ASUS Routers [CVE-2017-5891 and CVE-2017-5892]


📈 2.03 Punkte

✅ Is CVE-2017-0199 the new CVE-2012-0158?


📈 2.03 Punkte

✅ Bugtraq: Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674]


📈 2.03 Punkte

✅ Bugtraq: Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590


📈 2.03 Punkte

✅ Bugtraq: Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)


📈 2.03 Punkte

✅ Mozilla Firefox CVE-2007-2175 memory corruption [CVE-2007-2176]


📈 2.03 Punkte











matomo

Datei nicht gefunden!