34 matches found
EUVD-2018-5953
Malware in sbrugna...
EUVD-2018-3045
Malware in sbrugna...
EUVD-2019-19324
Malware in sbrugna...
EUVD-2018-7987
Malware in sbrugna...
EUVD-2018-21434
Malware in sbrugna...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
Open redirect
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
CVE-2019-9970
Open Whisper Signal (Signal-Desktop) up to version 1.23.1 and Signal Private Messenger for Android up to 4.35.3 are vulnerable to an IDN homograph attack when displaying messages that contain URLs. The root cause is that the app renders a clickable link even when the domain contains mixed Latin/C...
Open Whisper Signal Denial of Service Vulnerability
Signal is an encrypted instant messaging and voice calling software that supports iOS, Android, Debian-based distributions, macOS and Windows platforms. A denial of service vulnerability exists in Open Whisper Signal for iOS version 2.29.0 and earlier. The vulnerability stems from a failure of...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
Design/Logic Flaw
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The CVE describes an issue in the Open Whisper Signal app (iOS) up to version 2.29.0 where the image rendering component createGenericPreview does not validate excessively large inputs before processing them. This can allow a large image sent to a user to exhaust available memory when displayed, ...
Open Whisper Signal Information Disclosure Vulnerability
Open Whisper Signal aka Signal-Desktop is a live chat application with encryption. An information disclosure vulnerability exists in versions prior to Open Whisper Signal 1.15.0-beta.10. An attacker can exploit the vulnerability to recover expired messages...
CVE-2018-14023
Open Whisper Signal aka Signal-Desktop before 1.15.0-beta.10 allows information leakage...
CVE-2018-14023
Open Whisper Signal aka Signal-Desktop before 1.15.0-beta.10 allows information leakage...
CVE-2018-14023
Open Whisper Signal aka Signal-Desktop before 1.15.0-beta.10 allows information leakage...
Design/Logic Flaw
Open Whisper Signal aka Signal-Desktop through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability than CVE-2018-10994. The attacker needs to send HTML code directly as a...