Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

gajim gajim vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2016-1037
Adobe Reader and Acrobat prior to 11.0.16, Acrobat and Acrobat Reader DC Classic prior to 15.006.30172, and Acrobat and Acrobat Reader DC Continuous prior to 15.016.20039 on Windows and OS X allow malicious users to execute arbitrary code or cause a denial of service (memory corr...
Adobe Acrobat DcAdobe AcrobatAdobe Acrobat Reader DcAdobe Reader
7.5
CVSSv2
CVE-2012-2086
SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim prior to 0.15 allows remote malicious users to execute arbitrary SQL commands via the jig parameter.
Gajim Gajim 0.14Gajim Gajim 0.13Gajim Gajim 0.12.1Gajim Gajim 0.12.2Gajim Gajim 0.11.2Gajim Gajim 0.11.1Gajim Gajim 0.8.2Gajim Gajim 0.7.1Gajim Gajim 0.3Gajim Gajim 0.2.1Gajim Gajim 0.14.2Gajim Gajim 0.14.1Gajim Gajim 0.12.5Gajim Gajim 0.12Gajim Gajim 0.11.4Gajim Gajim 0.11Gajim Gajim 0.8.1Gajim Gajim 0.8Gajim Gajim 0.4.1Gajim Gajim 0.4Gajim GajimGajim Gajim 0.14.3
6.8
CVSSv2
CVE-2012-2085
The exec_command function in common/helpers.py in Gajim prior to 0.15 allows user-assisted remote malicious users to execute arbitrary commands via shell metacharacters in an href attribute.
Gajim Gajim 0.11.4Gajim Gajim 0.12.5Gajim Gajim 0.13Gajim Gajim 0.13.1Gajim Gajim 0.10.1Gajim Gajim 0.11.2Gajim Gajim 0.11.3Gajim Gajim 0.12.3Gajim Gajim 0.12.4Gajim Gajim 0.10Gajim Gajim 0.11Gajim Gajim 0.1Gajim GajimGajim Gajim 0.12Gajim Gajim 0.13.2Gajim Gajim 0.13.3Gajim Gajim 0.11.1Gajim Gajim 0.14.3Gajim Gajim 0.12.1Gajim Gajim 0.12.2Gajim Gajim 0.13.4Gajim Gajim 0.14
5.8
CVSSv2
CVE-2015-8688
Gajim prior to 0.16.5 allows remote malicious users to modify the roster and intercept messages via a crafted roster-push IQ stanza.
Gajim Gajim
5
CVSSv2
CVE-2021-41055
Gajim 1.2.x and 1.3.x prior to 1.3.3 allows remote malicious users to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID.
Gajim Gajim
5
CVSSv2
CVE-2016-9107
The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Otr Gajim-otr -
4.3
CVSSv2
CVE-2012-5524
The _ssl_verify_callback function in tls_nb.py in Gajim prior to 0.15.3 does not properly verify SSL certificates, which allows remote malicious users to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA.
Gajim Gajim 0.12.1Gajim Gajim 0.12.2Gajim Gajim 0.12.3Gajim Gajim 0.12.4Gajim Gajim 0.15Gajim Gajim 0.2Gajim Gajim 0.2.1Gajim Gajim 0.3Gajim Gajim 0.10Gajim Gajim 0.10.1Gajim Gajim 0.11Gajim Gajim 0.11.1Gajim Gajim 0.13.1Gajim Gajim 0.13.2Gajim Gajim 0.13.3Gajim Gajim 0.13.4Gajim Gajim 0.14Gajim Gajim 0.6Gajim Gajim 0.6.1Gajim Gajim 0.7Gajim Gajim 0.7.1Gajim Gajim 0.15.1
3.5
CVSSv2
CVE-2016-10376
Gajim up to and including 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions.
Gajim Gajim
3.5
CVSSv2
CVE-2012-1987
Unspecified vulnerability in Puppet 2.6.x prior to 2.6.15 and 2.7.x prior to 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x prior to 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a...
Puppet Puppet 2.6.6Puppet Puppet 2.6.5Puppet Puppet 2.6.13Puppet Puppet 2.6.12Puppet Puppet 2.6.4Puppet Puppet 2.6.3Puppet Puppet 2.6.9Puppet Puppet 2.6.8Puppet Puppet 2.6.7Puppet Puppet 2.6.0Puppet Puppet 2.6.14Puppet Puppet 2.6.11Puppet Puppet 2.6.10Puppet Puppet 2.6.2Puppet Puppet 2.6.1Puppet Puppet 2.7.10Puppetlabs Puppet 2.7.1Puppetlabs Puppet 2.7.0Puppet Puppet 2.7.9Puppet Puppet 2.7.8Puppet Puppet 2.7.4Puppet Puppet 2.7.3
3.3
CVSSv2
CVE-2012-2093
src/common/latex.py in Gajim 0.15 allows local users to overwrite arbitrary files via a symlink attack on a temporary latex file, related to the get_tmpfile_name function.
Gajim Gajim 0.15
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895blind SQL injectionCVE-2024-5064CVE-2023-52677CVE-2023-52682CVE-2024-30051CVE-2024-35849remote attackersremote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook