27 matches found
EUVD-2019-7623
Malware in sbrugna...
EUVD-2019-19324
Malware in sbrugna...
CVE-2020-5753
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined...
CVE-2019-17191
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...
CVE-2019-9970
Open Whisper Signal aka Signal-Desktop through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin...
The vulnerability of the Zangi Private Messenger messaging application, related to deficiencies in the session key generation mechanism, allows a hacker to execute a “man-in-the-middle” attack.
The vulnerability of the Zangi Private Messenger messaging application is related to deficiencies in the mechanism for generating session keys. Exploiting this vulnerability could allow a remote attacker to carry out a “man-in-the-middle” attack...
PT-2024-6815 · Unknown · Zangi Private Messenger
Name of the Vulnerable Software and Affected Versions: Zangi Private Messenger affected versions not specified Description: The issue is related to weaknesses in the session key generation mechanism of the application. This could allow a remote attacker to implement a "man-in-the-middle" attack...
CVE-2020-5753
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined...
Sql injection
Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact to ring a victim's Signal phone and disclose currently used DNS server due to ICE Candidate handling before call is answered or declined...
CVE-2019-17191
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...
CVE-2019-17191
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block...
Design/Logic Flaw
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block...
Code injection
DISPUTED The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other...
CVE-2019-17191
The CVE-2019-17191 entry concerns the Signal Private Messenger app for Android prior to version 4.47.7. The underling issue is a flow that lets a caller force a call to be answered via a connect message without recipient interaction. The callee is aware a call exists, but the audio channel may be...
CVE-2019-17191
The Signal Private Messenger application before 4.47.7 for Android allows a caller to force a call to be answered, without callee user interaction, via a connect message. The existence of the call is noticeable to the callee; however, the audio channel may be open before the callee can block...
CVE-2019-17192
The CVE-2019-17192 entry concerns the WebRTC component in Signal Private Messenger for Android up to version 4.47.7. The issue arises because videoconferencing RTP packets are processed before the callee answers, potentially enabling remote attackers to cause a denial of service or other impact v...
CVE-2019-17192
The WebRTC component in the Signal Private Messenger application through 4.47.7 for Android processes videoconferencing RTP packets before a callee chooses to answer a call, which might make it easier for remote attackers to cause a denial of service or possibly have unspecified other impact via...