Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wire vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-43673
Wire up to and including 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages can be retrieved (for a limited period of time) from the AppData\Roaming\Wire\IndexedDB\https_app.wire.com_0.indexeddb.leveldb database.
Wire Wire
6
CVSSv2
CVE-2020-15258
In Wire prior to 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an malicious user to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with the link and sees the...
Wire Wire
7.5
CVSSv2
CVE-2021-41093
Wire is an open source secure messenger. In affected versions if the an attacker gets an old but valid access token they can take over an account by changing the email. This issue has been resolved in version 3.86 which uses a new endpoint which additionally requires an authentic...
Wire Wire
2.1
CVSSv2
CVE-2021-41094
Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to enable encryption at rest by generating encryption keys via the Secure Enclave, ho...
Wire Wire
5
CVSSv2
CVE-2021-32665
wire-ios is the iOS version of Wire, an open-source secure messaging app. wire-ios versions 3.8.0 and previous versions have a bug in which a conversation could be incorrectly set to "unverified. This occurs when: - Self user is added to a new conversation - Self user is add...
Wire Wire
5
CVSSv2
CVE-2018-8909
The Wire application prior to 2018-03-07 for Android allows malicious users to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala.
Wire Wire
7.5
CVSSv2
CVE-2004-1704
WpQuiz 2.60b1 up to and including 2.60b8 allows remote malicious users to gain privileges via a direct request to adminrestore.php in the extras directory.
Wire Plastic Design Wpquiz 2.60b5
Wire Plastic Design Wpquiz 2.60b6
Wire Plastic Design Wpquiz 2.60b1
Wire Plastic Design Wpquiz 2.60b2
Wire Plastic Design Wpquiz 2.60b3
Wire Plastic Design Wpquiz 2.60b4
Wire Plastic Design Wpquiz 2.60b7
Wire Plastic Design Wpquiz 2.60b8
7.5
CVSSv2
CVE-2021-41100
Wire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session token in the `Authorization` header. As the short-lived token is only meant as ...
Wire Wire-server
4
CVSSv2
CVE-2021-21396
wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in the `GET /users/list-clients` endpoint. The endpoint could be used by any logged...
Wire Wire Server
NA
CVE-2022-31122
Wire is an encrypted communication and collaboration platform. Versions before 2022-07-12/Chart 4.19.0 are subject to Token Recipient Confusion. If an attacker has certain details of SAML IdP metadata, and configures their own SAML on the same backend, the attacker can delete all...
Wire Wire Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »