Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wire wire vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-32666
wire-ios is the iOS version of Wire, an open-source secure messaging app. In wire-ios versions 3.8.0 and prior, a vulnerability exists that can cause a denial of service between users. If a user has an invalid assetID for their profile picture and it contains the " character...
Wire Wire
4.7
CVSSv3
CVE-2022-43673
Wire up to and including 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages can be retrieved (for a limited period of time) from the AppData\Roaming\Wire\IndexedDB\https_app.wire.com_0.indexeddb.leveldb database.
Wire Wire
8
CVSSv3
CVE-2020-15258
In Wire prior to 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an malicious user to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the...
Wire Wire
9.8
CVSSv3
CVE-2021-41093
Wire is an open source secure messenger. In affected versions if the an attacker gets an old but valid access token they can take over an account by changing the email. This issue has been resolved in version 3.86 which uses a new endpoint which additionally requires an authentic...
Wire Wire
4.6
CVSSv3
CVE-2021-41094
Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to enable encryption at rest by generating encryption keys via the Secure Enclave, ho...
Wire Wire
6.5
CVSSv3
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between...
Wire Wire
NA
CVE-2004-1704
WpQuiz 2.60b1 up to and including 2.60b8 allows remote malicious users to gain privileges via a direct request to adminrestore.php in the extras directory.
Wire Plastic Design Wpquiz 2.60b5
Wire Plastic Design Wpquiz 2.60b6
Wire Plastic Design Wpquiz 2.60b1
Wire Plastic Design Wpquiz 2.60b2
Wire Plastic Design Wpquiz 2.60b3
Wire Plastic Design Wpquiz 2.60b4
Wire Plastic Design Wpquiz 2.60b7
Wire Plastic Design Wpquiz 2.60b8
5.3
CVSSv3
CVE-2022-39380
Wire web-app is part of Wire communications. Versions before 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error m...
Wire Wire-webapp
8.1
CVSSv3
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without S...
Wire Wire-server
6.1
CVSSv3
CVE-2021-32683
wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open an image in a new tab (right click -> open in new tab, or copy the URL and pas...
Wire Wire-webapp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »