Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8
CVE-2020-27853
- EPSS 3.22%
- Veröffentlicht 27.10.2020 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:21:56
Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. This affects Wire AVS (Audio, Video, and Signaling) 5.3 through 6.x before 6.4, the Wire Secure Me...
- EPSS 0.73%
- Veröffentlicht 16.10.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:05:12
In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with arbitrary protocols. The victim has to interact with...
7.5
CVE-2018-8909
- EPSS 0.51%
- Veröffentlicht 22.03.2018 06:29:00
- Zuletzt bearbeitet 21.11.2024 04:14:34
The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala.