VYPR
Vendor

Twilio

Products
3
CVEs
3
Across products
3
Status
Private

Products

3

Recent CVEs

3
  • CVE-2018-17388CriJun 19, 2019
    risk 0.64cvss 9.8epss 0.02

    SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php.

  • CVE-2024-39891MedKEVJul 2, 2024
    risk 0.47cvss 5.3epss 0.01

    In the Twilio Authy API, accessed by Authy Android before 25.1.0 and Authy iOS before 26.1.0, an unauthenticated endpoint provided access to certain phone-number data, as exploited in the wild in June 2024. Specifically, the endpoint accepted a stream of requests containing…

  • CVE-2020-24655MedSep 10, 2020
    risk 0.33cvss 5.1epss 0.00

    A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices (effectively bypassing the PIN requirement).