Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wire vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-39380
Wire web-app is part of Wire communications. Versions before 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting can trigger an unhandled error in the conversion to HTML representation. The error m...
Wire Wire-webapp
6.1
CVSSv3
CVE-2021-32683
wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open an image in a new tab (right click -> open in new tab, or copy the URL and pas...
Wire Wire-webapp
5.7
CVSSv3
CVE-2021-41101
wire-server is an open-source back end for Wire, a secure collaboration platform. Before version 2.106.0, the CORS ` Access-Control-Allow-Origin ` header set by `nginz` is set for all subdomains of `.wire.com` (including `wire.com`). This means that if somebody were to find an XS...
Wire Wire Server
8.1
CVSSv3
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and impersonate any Wire user with SAML credentials. In teams with SAML, but without S...
Wire Wire-server
6.5
CVSSv3
CVE-2021-21396
wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in the `GET /users/list-clients` endpoint. The endpoint could be used by any logged...
Wire Wire Server
9.8
CVSSv3
CVE-2021-41193
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions before 7.1.12 allows an malicious user to cause a denial of service or possibly execute arbitrary code. The issue has been fixed in wire-avs ...
Wire Wire-audio Video Signaling
9.6
CVSSv3
CVE-2021-21382
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost which you might consider private. In the configuration that we ship (https://gi...
Wire Restund
9.1
CVSSv3
CVE-2021-29508
Due to how Wire handles type information in its serialization format, malicious payloads can be passed to a deserializer. e.g. using a surrogate on the sender end, an attacker can pass information about a different type for the receiving end. And by doing so allowing the serializ...
Asynkron Wire
NA
CVE-2006-1639
SQL injection vulnerability in index.php in wpBlog 0.4 allows remote malicious users to execute arbitrary SQL commands via the postid parameter.
Wire Plastik Design Wpblog 0.4
NA
CVE-2007-6172
Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote malicious users to execute arbitrary SQL commands via the id parameter to (1) viewimage.php and (2) comments.php.
Wire Plastic Design Wpquiz 2.7
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »