Skip to main content

Messenger

10 CVEs product

Monthly

CVE-2023-30097 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-30096 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-30095 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-41708 MEDIUM POC This Month

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Messenger
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2022-41707 MEDIUM POC This Month

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Messenger
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-17476 MEDIUM PATCH This Month

Mibew Messenger before 3.2.7 allows XSS via a crafted user name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Messenger
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2014-8688 HIGH This Week

An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure Messenger
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2014-7216 CRITICAL POC Act Now

Multiple stack-based buffer overflows in Yahoo!. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow Messenger
NVD
CVSS 2.0
9.3
EPSS
5.6%
CVE-2013-1085 CRITICAL Act Now

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.6% and no vendor patch available.

Buffer Overflow RCE Groupwise Messenger Messenger
NVD
CVSS 2.0
9.3
EPSS
20.6%
CVE-2012-0268 MEDIUM This Month

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo!. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Messenger
NVD
CVSS 2.0
5.1
EPSS
1.6%
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the private task. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability in TotalJS messenger commit b6cf1c9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the channel. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Messenger
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access existing chats in the workspaces of any user of the application. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Messenger
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access sensitive data of any user of the application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Messenger
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Mibew Messenger before 3.2.7 allows XSS via a crafted user name. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Messenger
NVD GitHub
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Apple Information Disclosure +1
NVD
EPSS 6% CVSS 9.3
CRITICAL POC Act Now

Multiple stack-based buffer overflows in Yahoo!. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Denial Of Service RCE Buffer Overflow +1
NVD
EPSS 21% CVSS 9.3
CRITICAL Act Now

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.6% and no vendor patch available.

Buffer Overflow RCE Groupwise Messenger +1
NVD
EPSS 2% CVSS 5.1
MEDIUM This Month

Integer overflow in the CYImage::LoadJPG method in YImage.dll in Yahoo!. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Messenger
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy