Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
libpurple vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2010-1624
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
Pidgin Pidgin
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
2.9
CVSSv2
CVE-2013-0274
upnp.c in libpurple in Pidgin prior to 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote malicious users to cause a denial of service (application crash) by leveraging access to the local network.
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
5
CVSSv2
CVE-2012-1178
The msn_oim_report_to_user function in oim.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.2 allows remote servers to cause a denial of service (application crash) via an OIM message that lacks UTF-8 encoding.
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.0.2
6.8
CVSSv2
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote malicious users to trick a user into accepting an invalid server certificate for a spoofed service.
Pidgin Pidgin 2.4.3
4
CVSSv2
CVE-2010-3711
libpurple in Pidgin prior to 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins...
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
4.3
CVSSv2
CVE-2011-3184
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.0 does not properly handle HTTP 100 responses, which allows remote malicious users to cause a denial of service (incorrect memory access and application crash) via v...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.9
Pidgin Pidgin
5
CVSSv2
CVE-2011-4602
The XMPP protocol plugin in libpurple in Pidgin prior to 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote malicious users to cause a denial of service (application crash) via a crafted message.
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin
5
CVSSv2
CVE-2012-2318
msg.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.7.9
3.5
CVSSv2
CVE-2012-2214
proxy.c in libpurple in Pidgin prior to 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.8.0
5
CVSSv2
CVE-2010-0277
slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote malicious users to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malformed MSNSLP INVITE re...
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »