CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the Mattermost instant messaging application, related to incorrect authentication, allows a hacker to disclose protected information.

The vulnerability of the Mattermost instant messaging application is related to improper authentication. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

3.1CVSS5.4AI score0.00181EPSS

Exploits0References4Affected Software1

RedhatCVE•added 2025/05/22 11:2 p.m.•6 views

CVE-2022-33692

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log...

4CVSS6.6AI score0.00095EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 9:34 p.m.•5 views

CVE-2021-43633

Sourcecodester Messaging Web Application 1.0 is vulnerable to stored XSS. If a sender inserts valid scripts into the chat, the script will be executed on the receiver chat...

5.4CVSS6.6AI score0.00546EPSS

Exploits0

Fedora•added 2024/05/29 3:37 a.m.•12 views

[SECURITY] Fedora 40 Update: qt6-qtspeech-6.7.1-1.fc40

The module enables a Qt application to support accessibility features such as text-to-speech, which is useful for end-users who are visually challenged or cannot access the application for whatever reason. The most common use case where text-to-speech comes in handy is when the end-user is drivin...

9.8CVSS6.2AI score0.0097EPSS

Exploits0

OSV•added 2022/07/12 2:15 p.m.•3 views

CVE-2022-33692

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log...

3.3CVSS5.8AI score0.00095EPSS

Exploits0References1

Prion•added 2022/07/12 2:15 p.m.•16 views

Information disclosure

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log...

2.1CVSS4AI score0.00095EPSS

Exploits0References1Affected Software1

CVE•added 2022/07/11 1:34 p.m.•62 views

CVE-2022-33692

CVE-2022-33692 refers to an information-disclosure vulnerability in Samsung’s Message App on Samsung mobile devices. The available connected documents describe that prior to the SMR July 2022 Release 1, a local attacker could access IMSI and ICCID via logs produced by the Messaging application. T...

4CVSS3.9AI score0.00095EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/07/11 1:34 p.m.•23 views

CVE-2022-33692

Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log...

4CVSS4.5AI score0.00095EPSS

Exploits0References1

Prion•added 2022/06/25 7:15 a.m.•19 views

Design/Logic Flaw

Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering @mentions in the wire-webapp. If a user receives and views a malicious message, arbitrary code is injected and executed in the context of the victim...

4.3CVSS6.5AI score0.00777EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2022/06/25 7:5 a.m.•6 views

CVE-2022-29168 Cross Site Scripting in Wire Messages

9.6CVSS9.3AI score0.00777EPSS

Exploits0References1

Cvelist•added 2022/06/23 6:40 a.m.•24 views

CVE-2022-31009 DoS vulnerability: Invalid Accent Colors

wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multiple times on launch. These invalid accent colors can be used by and sent between Wire users. The...

5.7CVSS6.3AI score0.00622EPSS

Exploits0References2

CVE•added 2022/06/23 6:40 a.m.•64 views

CVE-2022-31009

CVE-2022-31009 affects the Wire iOS client. The root cause is an unnecessary assert when converting an integer to an enum, causing an exception instead of a default fallback, which can crash the iOS Wire Client on startup. The issue is fixed in the wire-ios repo (commit caa0e27dbe51f9edfda8c7a9f0...

6.5CVSS5.6AI score0.00622EPSS

Exploits0References2Affected Software1

CVE•added 2022/05/31 10:35 p.m.•83 views

CVE-2022-31013

Chat Server (Vartalap) vulnerability CVE-2022-31013 affects versions 2.3.2–2.6.0. Root cause is a token validation bug where this.authProvider.verifyAccessKey is treated as asynchronous without awaiting results, enabling authentication bypass. A patch exists in version 2.6.0. Public references ac...

9.8CVSS9.7AI score0.01372EPSS

Exploits0References3Affected Software1

NVD•added 2022/03/11 6:15 p.m.•18 views

CVE-2022-23625

Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by causing it to repeatedly crash on launch. These malformed resource identifiers can be generated and...

6.5CVSS0.01191EPSS

Exploits0References3