Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wire wire server vulnerabilities and exploits
(subscribe to this query)
5.9
CVSSv3
CVE-2023-34363
An issue exists in Progress DataDirect Connect for ODBC prior to 08.02.2770 for Oracle. When using Oracle Advanced Security (OAS) encryption, if an error is encountered initializing the encryption object used to encrypt data, the code falls back to a different encryption mechanis...
Progress Datadirect Odbc Oracle Wire Protocol Driver
6.5
CVSSv3
CVE-2023-22737
wire-server provides back end services for Wire, a team communication and collaboration platform. Prior to version 2022-12-09, every member of a Conversation can remove a Bot from a Conversation due to a missing permissions check. Only Conversation admins should be able to remove...
Wire Wire
5.3
CVSSv3
CVE-2022-39380
Wire web-app is part of Wire communications. Versions before 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error m...
Wire Wire-webapp
8.1
CVSSv3
CVE-2022-31122
Wire is an encrypted communication and collaboration platform. Versions before 2022-07-12/Chart 4.19.0 are subject to Token Recipient Confusion. If an attacker has certain details of SAML IdP metadata, and configures their own SAML on the same backend, the attacker can delete all...
Wire Wire Server
8.8
CVSSv3
CVE-2022-0336
The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on tha...
Samba Samba
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.8
CVSSv3
CVE-2021-20316
A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
Samba Samba
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Virtualization Host 4.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux Tus 8.6
Redhat Enterprise Linux Aus 8.6
6.1
CVSSv3
CVE-2022-29168
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context ...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
6.1
CVSSv3
CVE-2022-24799
wire-webapp is the web application interface for the wire messaging service. Insufficient escaping in markdown “code highlighting” in the wire-webapp resulted in the possibility of injecting and executing arbitrary HTML code and thus also JavaScript. If a user receive...
Wire Wire-webapp 2019-02-11
Wire Wire-webapp 2019-02-13
Wire Wire-webapp 2019-02-18
Wire Wire-webapp 2019-02-27
Wire Wire-webapp 2019-02-28
Wire Wire-webapp 2019-03-05
Wire Wire-webapp 2019-03-07
Wire Wire-webapp 2019-03-11
Wire Wire-webapp 2019-03-13
Wire Wire-webapp 2019-03-20
Wire Wire-webapp 2019-03-25
Wire Wire-webapp 2019-03-28
Wire Wire-webapp 2019-04-08
Wire Wire-webapp 2019-04-11
Wire Wire-webapp 2019-04-18
Wire Wire-webapp 2019-04-23
Wire Wire-webapp 2019-04-25
Wire Wire-webapp 2019-04-29
Wire Wire-webapp 2019-05-14
Wire Wire-webapp 2019-05-15
Wire Wire-webapp 2019-05-31
Wire Wire-webapp 2019-06-04
7.5
CVSSv3
CVE-2021-41119
Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a...
Wire Wire-server
8.1
CVSSv3
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without S...
Wire Wire-server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »