CVE-2025-55996
- EPSS 0.03%
- Veröffentlicht 12.09.2025 15:15:32
- Zuletzt bearbeitet 16.10.2025 15:54:10
Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface
CVE-2020-14049
- EPSS 0.55%
- Veröffentlicht 22.06.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:02:26
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the h...
CVE-2018-3987
- EPSS 0.17%
- Veröffentlicht 13.02.2020 00:15:10
- Zuletzt bearbeitet 21.11.2024 04:06:26
An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a chat either by using a time trigger or by dir...
CVE-2019-18800
- EPSS 0.23%
- Veröffentlicht 06.11.2019 16:15:10
- Zuletzt bearbeitet 21.11.2024 04:33:35
Viber through 11.7.0.5 allows a remote attacker who can capture a victim's internet traffic to steal their Viber account, because not all Viber protocol traffic is encrypted. TCP data packet 9 on port 4244 from the victim's device contains cleartext ...
CVE-2019-12569
- EPSS 3.22%
- Veröffentlicht 03.06.2019 01:29:00
- Zuletzt bearbeitet 21.11.2024 04:23:06
A vulnerability in Viber before 10.7.0 for Desktop (Windows) could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI. An attacker could exploit this vuln...