Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-4996
libpurple in Pidgin prior to 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote malicious users to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory...
Pidgin Pidgin 2.2.0
605
VMScore
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote malicious users to trick a user into accepting an invalid server certificate for a spoofed service.
Pidgin Pidgin 2.4.3
445
VMScore
CVE-2008-2956
Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote malicious users to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scena...
Pidgin Pidgin 2.0.0
570
VMScore
CVE-2008-2957
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote malicious users to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
Pidgin Pidgin 2.0.0
435
VMScore
CVE-2008-2955
Pidgin 2.4.1 allows remote malicious users to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
Pidgin Pidgin 2.4.1
1 EDB exploit
383
VMScore
CVE-2009-3025
Unspecified vulnerability in Pidgin 2.6.0 allows remote malicious users to cause a denial of service (crash) via a link in a Yahoo IM.
Pidgin Pidgin 2.6.0
445
VMScore
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without...
Pidgin Pidgin 2.6.0
801
VMScore
CVE-2007-3841
Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability in...
Pidgin Pidgin 2.0.2
215
VMScore
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
383
VMScore
CVE-2022-26491
An issue exists in Pidgin prior to 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing...
Pidgin Pidgin
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »