Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3532
The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL certificates, which makes it easier for remote malicious users to trick a user into accepting an invalid server certificate for a spoofed service.
Pidgin Pidgin 2.4.3
NA
CVE-2008-2927
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin prior to 2.4.3 and Adium prior to 1.3 allow remote malicious users to execute arbitrary c...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.2.0
Pidgin Pidgin
Pidgin Pidgin 2.2.1
Adium Adium 1.0.2
Adium Adium 1.1
Adium Adium 1.0.1
Adium Adium 1.0.5
Adium Adium 1.1.2
Adium Adium 1.1.3
Adium Adium 1.1.4
Adium Adium 1.0.4
Adium Adium
NA
CVE-2008-2956
Memory leak in Pidgin 2.0.0, and possibly other versions, allows remote malicious users to cause a denial of service (memory consumption) via malformed XML documents. NOTE: this issue has been disputed by the upstream vendor, who states: "I was never able to identify a scena...
Pidgin Pidgin 2.0.0
NA
CVE-2008-2957
The UPnP functionality in Pidgin 2.0.0, and possibly other versions, allows remote malicious users to trigger the download of arbitrary files and cause a denial of service (memory or disk consumption) via a UDP packet that specifies an arbitrary URL.
Pidgin Pidgin 2.0.0
NA
CVE-2008-2955
Pidgin 2.4.1 allows remote malicious users to cause a denial of service (crash) via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_slplink_process_msg function.
Pidgin Pidgin 2.4.1
1 EDB exploit
NA
CVE-2007-4999
libpurple in Pidgin 2.1.0 up to and including 2.2.1, when using HTML logging, allows remote malicious users to cause a denial of service (NULL dereference and application crash) via a message that contains invalid HTML data, a different vector than CVE-2007-4996.
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.2.0
NA
CVE-2007-5379
Rails prior to 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrate...
David Hansson Ruby On Rails
NA
CVE-2007-4996
libpurple in Pidgin prior to 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote malicious users to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory...
Pidgin Pidgin 2.2.0
NA
CVE-2007-3841
Unspecified vulnerability in Pidgin (formerly Gaim) 2.0.2 for Linux allows remote authenticated users, who are listed in a users list, to execute certain commands via unspecified vectors, aka ZD-00000035. NOTE: this information is based upon a vague advisory by a vulnerability in...
Pidgin Pidgin 2.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886
insecure direct object reference
CVE-2024-34342
file inclusion
CVE-2024-34562
CVE-2024-34347
CVE-2024-26026
CVE-2024-4647
unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6