Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-1000030
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 c...
Suse Linux Enterprise Server 11
Pidgin Pidgin
890
VMScore
CVE-2015-8833
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin prior to 4.0.2 for Pidgin allows remote malicious users to execute arbitrary code via vectors related to the "Authenticate buddy" menu ...
Cypherpunks Pidgin-otr
668
VMScore
CVE-2012-2369
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin prior to 3.2.1 for Pidgin might allow remote malicious users to execute arbitrary code via format string specifiers in data that generates a log mess...
Cypherpunks Pidgin-otr
445
VMScore
CVE-2010-1624
The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.7.0 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a custom emoticon in a malformed SLP message.
Pidgin Pidgin
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
505
VMScore
CVE-2010-0013
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to ...
Adium Adium 1.3.8
Pidgin Pidgin 2.6.4
Fedoraproject Fedora 11
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
Opensuse Opensuse
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
1 EDB exploit
668
VMScore
CVE-2017-2640
An out-of-bounds write flaw was found in the way Pidgin prior to 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
Pidgin Pidgin
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 8.0
668
VMScore
CVE-2014-3775
libgadu prior to 1.11.4 and 1.12.0 prior to 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
Libgadu Libgadu 1.12.0
Libgadu Libgadu
445
VMScore
CVE-2007-5379
Rails prior to 1.2.4, as used for Ruby on Rails, allows remote attackers and ActiveResource servers to determine the existence of arbitrary files and read arbitrary XML files via the Hash.from_xml (Hash#from_xml) method, which uses XmlSimple (XML::Simple) unsafely, as demonstrate...
David Hansson Ruby On Rails
828
VMScore
CVE-2009-2404
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) prior to 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a denial of service (applicatio...
Mozilla Network Security Services 3.12.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6