CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

CNVD•added 2017/02/13 12:0 a.m.•1 views

ChatSecure and Zom User Emulation Vulnerabilities

ChatSecure is an open source project program that provides secure communication channels for XMPP Google Instant Messenger, Jabber, etc. or Oscar AIM to ensure encrypted chat services.Zom is a free and open source software with privacy features to help you stay connected wherever you are. A user...

5.9CVSS6.8AI score0.00384EPSS

Exploits2References1

0day.today•added 2017/02/10 12:0 a.m.•106 views

XMPP Clients User Impersonation Vulnerability

Exploit for multiple platform in category local exploits Multiple XMPP Clients User Impersonation Vulnerability Summary ------- An incorrect implementation of XEP-0280: Message Carbons0 in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerabl...

4.3CVSS5.9AI score0.02715EPSS

Exploits13

NVD•added 2017/02/09 8:59 p.m.•12 views

CVE-2017-5590

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for ChatSecure 3.2.0 - 4.0.0;...

5.9CVSS5.8AI score0.00384EPSS

Exploits2References6

OSV•added 2017/02/09 8:59 p.m.•18 views

CVE-2017-5590

5.9CVSS5.6AI score0.00245EPSS

Exploits2References6

Prion•added 2017/02/09 8:59 p.m.•16 views

Design/Logic Flaw

4.3CVSS5.8AI score0.00384EPSS

Exploits3References6Affected Software2

CVE•added 2017/02/09 8:0 p.m.•48 views

CVE-2017-5590

The CVE-2017-5590 entry concerns an incorrect implementation of XEP-0280 (Message Carbons) in ChatSecure for iOS (3.2.0–4.0.0) and Zom for iOS (all versions up to 1.0.11). The root cause is the flawed handling of message carbons that allows a remote attacker to impersonate any user, including con...

5.9CVSS5.7AI score0.00384EPSS

Exploits2References6Affected Software1

Cvelist•added 2017/02/09 8:0 p.m.•12 views

CVE-2017-5590

5.8AI score0.00384EPSS

Exploits2References6

hackapp•added 2016/04/01 8:55 a.m.•13 views

ChatSecure - Customized SSL, Runtime privilege escalation vulnerabilities

HackApp vulnerability scanner discovered that application ChatSecure published at the 'play' market has multiple vulnerabilities...

0.5AI score

Exploits0References1Affected Software1

securityvulns•added 2014/09/29 12:0 a.m.•23 views

ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability

Document Title: =============== ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1317 Release Date: ============= 2014-09-10 Vulnerability Laboratory ID VL-ID: ==================================== 13...

7AI score

Exploits0

seebug.org•added 2014/09/18 12:0 a.m.•18 views

ChatSecure IM 2.2.4 iOS - Persistent XSS Vulnerability

No description provided by source. Document Title: =============== ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1317 Release Date: ============= 2014-09-10 Vulnerability Laboratory ID VL-ID:...

7.1AI score

Exploits0

exploitpack•added 2014/09/11 12:0 a.m.•19 views

ChatSecure IM 2.2.4 iOS - Persistent Cross-Site Scripting

ChatSecure IM 2.2.4 iOS - Persistent Cross-Site Scripting Document Title: =============== ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1317 Release Date: ============= 2014-09-10 Vulnerability...

6.5AI score

Exploits0