Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-4996
libpurple in Pidgin prior to 2.2.1 does not properly handle MSN nudge messages from users who are not on the receiver's buddy list, which allows remote malicious users to cause a denial of service (crash) via a nudge message that triggers an access of "an invalid memory...
Pidgin Pidgin 2.2.0
356
VMScore
CVE-2011-1091
libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 up to and including 2.7.10 allows (1) remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a malformed YMSG notification packet, and allows (2) remote Yaho...
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
356
VMScore
CVE-2010-4528
directconn.c in the MSN protocol plugin in libpurple 2.7.6 up to and including 2.7.8 in Pidgin prior to 2.7.9 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a short p2pv2 packet in a DirectConnect (aka direct co...
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin
Pidgin Libpurple 2.7.6
Pidgin Libpurple 2.7.7
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.7.1
356
VMScore
CVE-2010-3711
libpurple in Pidgin prior to 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted message, related to the plugins...
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
356
VMScore
CVE-2010-2528
The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin prior to 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag ...
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.7.0
Pidgin Pidgin
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
312
VMScore
CVE-2012-2214
proxy.c in libpurple in Pidgin prior to 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.8.0
258
VMScore
CVE-2013-0274
upnp.c in libpurple in Pidgin prior to 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote malicious users to cause a denial of service (application crash) by leveraging access to the local network.
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
215
VMScore
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
187
VMScore
CVE-2011-4922
cipher.c in the Cipher API in libpurple in Pidgin prior to 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6