108 matches found
The vulnerability of the MFlash secure data exchange platform lies in its insufficient authentication attempt limitation, which allows a perpetrator to gain unauthorized access to the platform.
The vulnerability of the MFlash secure messaging platform is related to insufficient restrictions on authentication attempts. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to the platform...
The vulnerability of the MFlash secure data exchange platform lies in the lack of protective measures for the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the MFlash secure messaging platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting specially crafted HTML code...
CVE-2024-0875
A stored cross-site scripting XSS vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is...
CVE-2024-0875
A stored cross-site scripting XSS vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is...
CVE-2024-0875 Stored XSS in openemr/openemr
A stored cross-site scripting XSS vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is...
CVE-2024-0875 Stored XSS in openemr/openemr
A stored cross-site scripting XSS vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is...
CVE-2024-0875 Stored XSS in openemr/openemr
A stored cross-site scripting XSS vulnerability exists in openemr/openemr version 7.0.1. An attacker can inject malicious payloads into the 'inputBody' field in the Secure Messaging feature, which can then be sent to other users. When the recipient views the malicious message, the payload is...
CVE-2024-0875
CVE-2024-0875 affects OpenEMR/OpenEMR v7.0.1, where a stored XSS in the Secure Messaging feature allows injection into the inputBody field and execution when recipients view the message, potentially compromising accounts. The issue is fixed in v7.0.2.1. Affected component: Secure Messaging, vulne...
OpenEMR 跨站脚本漏洞
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A cross-site scripting vulnerability exists in OpenEMR version 7.0.1. The...
PT-2024-15883 · Openemr · Openemr
Name of the Vulnerable Software and Affected Versions: openemr/openemr version 7.0.1 Description: A stored cross-site scripting XSS issue exists in the Secure Messaging feature. An attacker can inject malicious payloads into the inputBody field, which can then be sent to other users. When the...
CryptoChat - Beyond Secure Messaging
Welcome to CryptChat - where conversations remain truly private. Built on the robust Python ecosystem, our application ensures that every word you send is wrapped in layers of encryption. Whether you're discussing sensitive business details or sharing personal stories, CryptChat provides the...
UK Threatens End-to-End Encryption
In an open letter, seven secure messaging apps--including Signal and WhatsApp--point out that the UKs Online Safety Bill could destroy end-to-end encryption: As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of...
WhatsApp introduces new security features
WhatsApp has announced several new security features which include an extra check when an account is transferred to a new device. This check asks that users confirm the transfer on their old device. This should warn users in case there is a transfer in progress started by somebody trying to hijac...
[SECURITY] Fedora 36 Update: golang-github-fernet-0-0.10.20200726giteff2850.fc36
Fernet takes a user-provided message an arbitrary sequence of bytes, a key 256 bits, and the current time, and produces a token, which contains the message in a form that can't be read or altered without the key...
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
Design/Logic Flaw
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009 DoS vulnerability: Invalid Accent Colors
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
CVE-2022-31009 DoS vulnerability: Invalid Accent Colors
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...
Cyph - Cryptographically Secure Messaging And Social Networking Service
Cyph is a cryptographically secure messaging and social networking service, providing an extreme level of privacy combined with best-in-class ease of use. Cyph’s patented technology — built by former SpaceX engineers, audited by Cure53, and the basis of research presentations at Black Hat and DEF...