Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jabber vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2017-18226
The Gentoo net-im/jabberd2 package up to and including 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "...
Jabberd2 Jabberd2
5
CVSSv2
CVE-2020-7912
In JetBrains YouTrack prior to 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
Jetbrains Youtrack
5
CVSSv2
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without...
Pidgin Pidgin 2.6.0
7.5
CVSSv2
CVE-2002-0384
Buffer overflow in Jabber plug-in for Gaim client prior to 0.58 allows remote malicious users to execute arbitrary code.
Rob Flynn Gaim 0.51
Rob Flynn Gaim 0.52
Rob Flynn Gaim 0.53
Rob Flynn Gaim 0.54
Rob Flynn Gaim 0.56
Rob Flynn Gaim 0.55
Rob Flynn Gaim 0.57
6.8
CVSSv2
CVE-2013-1431
The Wocky module in Telepathy Gabble prior to 0.16.6 and 0.17.x prior to 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote malicious users to bypass TLS verification and perform a man...
Simon Mcvittie Telepathy Gabble
Simon Mcvittie Telepathy Gabble 0.16.3
Simon Mcvittie Telepathy Gabble 0.16.1
Simon Mcvittie Telepathy Gabble 0.16.0
Simon Mcvittie Telepathy Gabble 0.17.3
Simon Mcvittie Telepathy Gabble 0.17.2
Simon Mcvittie Telepathy Gabble 0.17.1
Simon Mcvittie Telepathy Gabble 0.17.0
Simon Mcvittie Telepathy Gabble 0.16.4
Simon Mcvittie Telepathy Gabble 0.16.2
6.8
CVSSv2
CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape prior to 0.45.1 allows user-assisted remote malicious users to execute arbitrary code via unspecified vectors.
Inkscape Inkscape
4.3
CVSSv2
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
5
CVSSv2
CVE-2005-0967
Gaim 1.2.0 allows remote malicious users to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
Rob Flynn Gaim 1.2.0
5
CVSSv2
CVE-2006-1329
The SASL negotiation in Jabber Studio jabberd prior to 2.0s11 allows remote malicious users to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Jabberstudio Jabberd 2.0 B2
Jabberstudio Jabberd 2.0 B3
Jabberstudio Jabberd 2.0 S5
Jabberstudio Jabberd 2.0 S6
Jabberstudio Jabberd 2.0 A1
Jabberstudio Jabberd 2.0 A2
Jabberstudio Jabberd 2.0 A3
Jabberstudio Jabberd 2.0 Rc1
Jabberstudio Jabberd 2.0 Rc2
Jabberstudio Jabberd 2.0 S7
Jabberstudio Jabberd 2.0 S8
Jabberstudio Jabberd 2.0 A4
Jabberstudio Jabberd 2.0 A5
Jabberstudio Jabberd 2.0 S1
Jabberstudio Jabberd 2.0 S2
Jabberstudio Jabberd 2.0 S9
Jabberstudio Jabberd
Jabberstudio Jabberd 2.0 A6
Jabberstudio Jabberd 2.0 B1
Jabberstudio Jabberd 2.0 S3
Jabberstudio Jabberd 2.0 S4
4.3
CVSSv2
CVE-2007-3910
Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote malicious users to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs.
Bandersnatch Bandersnatch 0.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »