Latest Wire Vulnerabilities

CVE-2023-48221
wire-avs remote format string vulnerability
Wire Audio\, Video\, And Signaling<9.2.22
Wire Audio\, Video\, And Signaling>=9.3.0<=9.3.5
CVE-2023-22737
wire-server provides back end services for Wire, a team communication and collaboration platform. Prior to version 2022-12-09, every member of a Conversation can remove a Bot from a Conversation due t...
Wire Wire<2022-12-09
CVE-2022-39380
Wire web-app is part of Wire communications. Versions prior to 2022-11-02 are subject to Improper Handling of Exceptional Conditions. In the wire-webapp, certain combinations of Markdown formatting ca...
Wire Wire-webapp<2022-11-02
CVE-2022-43673
Wire through 3.22.3993 on Windows advertises deletion of sent messages; nonetheless, all messages can be retrieved (for a limited period of time) from the AppData\Roaming\Wire\IndexedDB\https_app.wire...
Wire Wire<=3.22.3993
CVE-2022-29168
Wire is a secure messaging application. Wire is vulnerable to arbitrary HTML and Javascript execution via insufficient escaping when rendering `@mentions` in the wire-webapp. If a user receives and vi...
=2016-07-29-17-00
=2016-08-04-15-44
=2016-08-23-09-31
=2016-08-24-10-10
=2016-08-29-14-54
=2016-09-08-15-38
and 361 more
CVE-2022-31009
wire-ios is an iOS client for the Wire secure messaging application. Invalid accent colors of Wire communication partners may render the iOS Wire Client partially unusable by causing it to crash multi...
Wire Wire<3.100
CVE-2022-23610
wire-server provides back end services for Wire, an open source messenger. In versions of wire-server prior to the 2022-01-27 release, it was possible to craft DSA Signatures to bypass SAML SSO and im...
Wire Wire-server<2.123.0
CVE-2022-23625
Wire-ios is a messaging application using the wire protocol on apple's ios platform. In versions prior to 3.95 malformed resource identifiers may render the iOS Wire Client completely unusable by caus...
Wire Wire<3.95
Wire Wire-ios-transport<84.1.1
CVE-2021-41193
wire-avs is the audio visual signaling (AVS) component of Wire, an open-source messenger. A remote format string vulnerability in versions prior to 7.1.12 allows an attacker to cause a denial of servi...
Wire Wire-audio Video Signaling<7.1.12
CVE-2022-23605
Wire webapp is a web client for the wire messaging protocol. In versions prior to 2022-01-27-production.0 expired ephemeral messages were not reliably removed from local chat history of Wire Webapp. I...
Wire Wire-webapp=2016-07-29-17-00
Wire Wire-webapp=2016-08-04-15-44
Wire Wire-webapp=2016-08-23-09-31
Wire Wire-webapp=2016-08-24-10-10
Wire Wire-webapp=2016-08-29-14-54
Wire Wire-webapp=2016-09-08-15-38
and 342 more
CVE-2021-41094
Wire is an open source secure messenger. Users of Wire by Bund may bypass the mandatory encryption at rest feature by simply disabling their device passcode. Upon launching, the app will attempt to en...
Wire Wire>=3.68<3.70
CVE-2021-41093
Wire is an open source secure messenger. In affected versions if the an attacker gets an old but valid access token they can take over an account by changing the email. This issue has been resolved in...
Wire Wire<3.86
CVE-2021-41100
Wire-server is the backing server for the open source wire secure messaging application. In affected versions it is possible to trigger email address change of a user with only the short-lived session...
Wire Wire-server<2021-08-16
CVE-2021-32755
Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a...
Wire Wire<3.84
Apple iPhone OS>=13.0
CVE-2021-32683
wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open a...
Wire Wire-webapp<2021-06-01
CVE-2021-21382
Restund is an open source NAT traversal server. The restund TURN server can be instructed to open a relay to the loopback address range. This allows you to reach any other service running on localhost...
Wire Restund<0.4.15
CVE-2021-32666
wire-ios is the iOS version of Wire, an open-source secure messaging app. In wire-ios versions 3.8.0 and prior, a vulnerability exists that can cause a denial of service between users. If a user has a...
Wire Wire<3.81
CVE-2021-32665
wire-ios is the iOS version of Wire, an open-source secure messaging app. wire-ios versions 3.8.0 and earlier have a bug in which a conversation could be incorrectly set to "unverified. This occurs wh...
Wire Wire<3.81
CVE-2021-21400
wire-webapp is an open-source front end for Wire, a secure collaboration platform. In wire-webapp before version 2021-03-15-production.0, when being prompted to enter the app-lock passphrase, the type...
Wire Wire-webapp<=2019-07-11-13-18
Wire Wire-webapp=2019-02-11-staging0
Wire Wire-webapp=2019-02-11-staging1
Wire Wire-webapp=2019-02-11-staging2
Wire Wire-webapp=2019-02-13-staging0
Wire Wire-webapp=2019-02-18-staging0
and 186 more
CVE-2021-21396
wire-server is an open-source back end for Wire, a secure collaboration platform. In wire-server from version 2021-02-16 and before version 2021-03-02, the client metadata of all users was exposed in ...
Wire Wire Server>=2021-02-16<2021-03-02
CVE-2021-21301
Wire is an open-source collaboration platform. In Wire for iOS (iPhone and iPad) before version 3.75 there is a vulnerability where the video capture isn't stopped in a scenario where a user first has...
Wire Wire<3.75
CVE-2020-27853
Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. This affects Wire AVS (Audio, Video, and Signali...
Wire Wire<3.21.2936
Wire Wire<3.21.3932
Wire Wire<3.21.3959
Wire Wire - Audio\, Video\, And Signaling>=5.3<6.4
Wire Wire Secure Messenger<3.49.918
Wire Wire Secure Messenger<3.61
CVE-2020-15258
In Wire before 3.20.x, `shell.openExternal` was used without checking the URL. This vulnerability allows an attacker to execute code on the victims machine by sending messages containing links with ar...
Wire Wire<3.20.2934

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203