We are Shielder,
an IT Security company.
We are dynamic and talented. Our specialists are our beating heart and that’s why we never stop. We adapt ourselves to an ever changing world while bearing in mind what brought us here: the need to understand each and every bit.
Inspect elementWhat we do
Rely on us,
we will raise your barriers.
Research
![[Advisory]](https://www.shielder.com//img/advisory.png)
Element Android (<1.6.12) is affected by an intent redirection, allowing a third-party malicious application to start any internal activity by passing extra parameters. Possible impact includes making Element Android display an arbitrary web page, executing arbitrary JavaScript, bypassing PIN code protection, and account takeover by spawning a login screen to send credentials to an arbitrary Matrix home server.
Element Android (<1.6.12) is affected by a sensitive file disclosure, allowing a third-party malicious application to force sharing files stored under the `files` directory in the application's private sandboxed data directory to an arbitrary room. Sensitive files include the encrypted chat database, the FCM tokens, etc.
pgAdmin <= 8.3 is affected by a path-traversal vulnerability while deserializing user's session in the session handling code. If the server is running on Windows, an unauthenticated attacker can load and deserialize remote pickle objects and gain code execution. If the server is running on POSIX/Linux, an authenticated attacker can upload pickle objects, deserialize them and gain code execution.
Our blog
Latest News
