Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jabber vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2021-32920
Prosody prior to 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.
Prosody Prosody
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
NA
CVE-2022-0217
It exists that an internal Prosody library to load XML based on libexpat does not properly restrict the XML features allowed in parsed XML data. Given suitable attacker input, this results in expansion of recursive entity references from DTDs (CWE-776). In addition, depending on ...
Prosody Prosody
5
CVSSv2
CVE-2005-0208
The HTML parsing functions in Gaim prior to 1.1.4 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0473.
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.1.3
Rob Flynn Gaim 1.1.0
Rob Flynn Gaim 1.1.1
4.3
CVSSv2
CVE-2013-6169
The TLS driver in ejabberd prior to 2.1.12 supports (1) SSLv2 and (2) weak SSL ciphers, which makes it easier for remote malicious users to obtain sensitive information via a brute-force attack.
Process-one Ejabberd 2.1.0
Process-one Ejabberd 2.0.5
Process-one Ejabberd 2.0.4
Process-one Ejabberd 2.0.3
Process-one Ejabberd 0.9.8
Process-one Ejabberd 0.9.1
Process-one Ejabberd 0.9
Process-one Ejabberd 2.1.9
Process-one Ejabberd 2.1.7
Process-one Ejabberd 2.1.6
Process-one Ejabberd 2.1.5
Process-one Ejabberd 2.0.0
Process-one Ejabberd 1.1.3
Process-one Ejabberd 1.1.2
Process-one Ejabberd 1.1.14
Process-one Ejabberd 1.1.1.1
Process-one Ejabberd 2.1.11
Process-one Ejabberd 2.1.8
Process-one Ejabberd 2.1.4
Process-one Ejabberd 2.1.2
Process-one Ejabberd 2.0.1 2
Process-one Ejabberd 1.1.1
5
CVSSv2
CVE-2005-0473
The HTML parsing functions in Gaim prior to 1.1.3 allow remote malicious users to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.
Rob Flynn Gaim 1.0
Rob Flynn Gaim 1.1.2
Rob Flynn Gaim 1.0.1
Rob Flynn Gaim 1.1.1
Mandrakesoft Mandrake Linux 10.1
Redhat Enterprise Linux 4.0
Mandrakesoft Mandrake Linux Corporate Server 3.0
Mandrakesoft Mandrake Linux 10.0
Redhat Enterprise Linux Desktop 4.0
5
CVSSv2
CVE-2021-32918
An issue exists in Prosody prior to 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.
Prosody Prosody
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
4.3
CVSSv2
CVE-2015-1788
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL prior to 0.9.8s, 1.0.0 prior to 1.0.0e, 1.0.1 prior to 1.0.1n, and 1.0.2 prior to 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows re...
Openssl Openssl
Openssl Openssl 1.0.1m
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.1j
Openssl Openssl 1.0.0n
Openssl Openssl 1.0.1
Openssl Openssl 1.0.0c
Openssl Openssl 1.0.0i
Openssl Openssl 1.0.0
Openssl Openssl 1.0.1h
Openssl Openssl 1.0.0m
Openssl Openssl 1.0.1c
Openssl Openssl 1.0.1g
Openssl Openssl 1.0.0h
Openssl Openssl 1.0.0e
Openssl Openssl 1.0.0f
Openssl Openssl 1.0.0d
Openssl Openssl 1.0.0j
Openssl Openssl 1.0.0p
Openssl Openssl 1.0.1a
Openssl Openssl 1.0.0o
Openssl Openssl 1.0.1d
1 Article
4.3
CVSSv2
CVE-2008-2955
Pidgin 2.4.1 allows remote malicious users to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
Pidgin Pidgin 2.4.1
1 EDB exploit
5
CVSSv2
CVE-2015-0207
The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 prior to 1.0.2a does not properly isolate the state information of independent data streams, which allows remote malicious users to cause a denial of service (application crash) via crafted DTLS traffic, as demonstrated by DT...
Openssl Openssl 1.0.2
4.3
CVSSv2
CVE-2015-0208
The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_ameth.c in OpenSSL 1.0.2 prior to 1.0.2a allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via crafted RSA PSS parameters to...
Openssl Openssl 1.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »