52 matches found
EUVD-2018-3045
Malware in sbrugna...
EUVD-2019-19324
Malware in sbrugna...
EUVD-2018-5953
Malware in sbrugna...
EUVD-2018-21434
Malware in sbrugna...
EUVD-2018-7987
Malware in sbrugna...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
How to securely send your personal information
This story originally ran on The Parallax and was updated on July 3, 2019. A few months ago, my parents asked a great security question: How could they securely send their passport numbers to a travel agent? They knew email wasn’t safe on its own. Standard email indeed isn’t safe for sending...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
Open redirect
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
CVE-2019-9970
Open Whisper Signal (Signal-Desktop) up to version 1.23.1 and Signal Private Messenger for Android up to 4.35.3 are vulnerable to an IDN homograph attack when displaying messages that contain URLs. The root cause is that the app renders a clickable link even when the domain contains mixed Latin/C...
Open Whisper Signal Denial of Service Vulnerability
Signal is an encrypted instant messaging and voice calling software that supports iOS, Android, Debian-based distributions, macOS and Windows platforms. A denial of service vulnerability exists in Open Whisper Signal for iOS version 2.29.0 and earlier. The vulnerability stems from a failure of...
Design/Logic Flaw
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
CVE-2018-16132
The CVE describes an issue in the Open Whisper Signal app (iOS) up to version 2.29.0 where the image rendering component createGenericPreview does not validate excessively large inputs before processing them. This can allow a large image sent to a user to exhaust available memory when displayed, ...
CVE-2018-16132
The image rendering component createGenericPreview of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed,...
Open Whisper Signal Information Disclosure Vulnerability
Open Whisper Signal aka Signal-Desktop is a live chat application with encryption. An information disclosure vulnerability exists in versions prior to Open Whisper Signal 1.15.0-beta.10. An attacker can exploit the vulnerability to recover expired messages...
CVE-2018-14023
Open Whisper Signal aka Signal-Desktop before 1.15.0-beta.10 allows information leakage...
CVE-2018-14023
Open Whisper Signal aka Signal-Desktop before 1.15.0-beta.10 allows information leakage...