Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jabber vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2017-18226
The Gentoo net-im/jabberd2 package up to and including 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "...
Jabberd2 Jabberd2
445
VMScore
CVE-2020-7912
In JetBrains YouTrack prior to 2019.2.59309, SMTP/Jabber settings could be accessed using backups.
Jetbrains Youtrack
445
VMScore
CVE-2009-3026
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without...
Pidgin Pidgin 2.6.0
668
VMScore
CVE-2002-0384
Buffer overflow in Jabber plug-in for Gaim client prior to 0.58 allows remote malicious users to execute arbitrary code.
Rob Flynn Gaim 0.51
Rob Flynn Gaim 0.52
Rob Flynn Gaim 0.53
Rob Flynn Gaim 0.54
Rob Flynn Gaim 0.56
Rob Flynn Gaim 0.55
Rob Flynn Gaim 0.57
605
VMScore
CVE-2013-1431
The Wocky module in Telepathy Gabble prior to 0.16.6 and 0.17.x prior to 0.17.4, when connecting to a "legacy Jabber server," does not properly enforce the WockyConnector:tls-required flag, which allows remote malicious users to bypass TLS verification and perform a man...
Simon Mcvittie Telepathy Gabble
Simon Mcvittie Telepathy Gabble 0.16.3
Simon Mcvittie Telepathy Gabble 0.16.1
Simon Mcvittie Telepathy Gabble 0.16.0
Simon Mcvittie Telepathy Gabble 0.17.3
Simon Mcvittie Telepathy Gabble 0.17.2
Simon Mcvittie Telepathy Gabble 0.17.1
Simon Mcvittie Telepathy Gabble 0.17.0
Simon Mcvittie Telepathy Gabble 0.16.4
Simon Mcvittie Telepathy Gabble 0.16.2
605
VMScore
CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape prior to 0.45.1 allows user-assisted remote malicious users to execute arbitrary code via unspecified vectors.
Inkscape Inkscape
435
VMScore
CVE-2005-0818
Cross-site scripting (XSS) vulnerability in PunBB 1.2.3 allows remote malicious users to inject arbitrary web script or HTML via the (1) email or (2) Jabber parameters.
Punbb Punbb 1.2.3
1 EDB exploit
445
VMScore
CVE-2005-0967
Gaim 1.2.0 allows remote malicious users to cause a denial of service (application crash) via a malformed file transfer request to a Jabber user, which leads to an out-of-bounds read.
Rob Flynn Gaim 1.2.0
445
VMScore
CVE-2006-1329
The SASL negotiation in Jabber Studio jabberd prior to 2.0s11 allows remote malicious users to cause a denial of service ("c2s segfault") by sending a "response stanza before an auth stanza".
Jabberstudio Jabberd 2.0 B2
Jabberstudio Jabberd 2.0 B3
Jabberstudio Jabberd 2.0 S5
Jabberstudio Jabberd 2.0 S6
Jabberstudio Jabberd 2.0 A1
Jabberstudio Jabberd 2.0 A2
Jabberstudio Jabberd 2.0 A3
Jabberstudio Jabberd 2.0 Rc1
Jabberstudio Jabberd 2.0 Rc2
Jabberstudio Jabberd 2.0 S7
Jabberstudio Jabberd 2.0 S8
Jabberstudio Jabberd 2.0 A4
Jabberstudio Jabberd 2.0 A5
Jabberstudio Jabberd 2.0 S1
Jabberstudio Jabberd 2.0 S2
Jabberstudio Jabberd 2.0 S9
Jabberstudio Jabberd
Jabberstudio Jabberd 2.0 A6
Jabberstudio Jabberd 2.0 B1
Jabberstudio Jabberd 2.0 S3
Jabberstudio Jabberd 2.0 S4
383
VMScore
CVE-2007-3910
Cross-site scripting (XSS) vulnerability in Bandersnatch 0.4 allows remote malicious users to inject arbitrary JavaScript via a Jabber resource name and possibly other data items, which are stored in conversation logs.
Bandersnatch Bandersnatch 0.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »