Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aim vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-30621
Gipsy is a multi-purpose discord bot which aim to be as modular and user-friendly as possible. In versions before 1.3 users can run command on the host machine with sudoer permission. The `!ping` command when provided with an IP or hostname used to run a bash `ping <IP>` wi...
Gipsy Project Gipsy
NA
CVE-2011-4602
The XMPP protocol plugin in libpurple in Pidgin prior to 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote malicious users to cause a denial of service (application crash) via a crafted message.
Pidgin Pidgin
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.5
NA
CVE-2012-2214
proxy.c in libpurple in Pidgin prior to 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
NA
CVE-2012-2318
msg.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.5.5
NA
CVE-2009-3615
The OSCAR protocol plugin in libpurple in Pidgin prior to 2.6.3 and Adium prior to 1.3.7 allows remote malicious users to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client.
Pidgin Pidgin 2.5.9
Adium Adium 1.0.2
Pidgin Pidgin 2.5.8
Adium Adium 1.3.4
Adium Adium 1.1
Adium Adium 1.0.1
Adium Adium 1.0.5
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.6.0
Adium Adium 1.2.7
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Adium Adium 1.1.2
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Adium Adium 1.1.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.1.1
NA
CVE-2011-4603
The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin prior to 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote malicious users to cause a denial of service (application crash) via a crafted message...
Pidgin Pidgin
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.6.5
NA
CVE-2006-1937
Multiple unspecified vulnerabilities in Ethereal 0.10.x up to 0.10.14 allow remote malicious users to cause a denial of service (crash from null dereference) via (1) multiple vectors in H.248, and the (2) X.509if, (3) SRVLOC, (4) H.245, (5) AIM, and (6) general packet dissectors;...
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.0a
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.10.3
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.12
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.0
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.10.6
Ethereal Group Ethereal 0.10.8
Ethereal Group Ethereal 0.10.9
NA
CVE-2003-0357
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and previous versions allow remote malicious users to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
Ethereal Group Ethereal
NA
CVE-2013-1114
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Unity Express prior to 8.0 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCud87527.
Cisco Unity Express Software 7.2
Cisco Unity Express Software 2.2
Cisco Unity Express Software 1.1.1
Cisco Unity Express Software 7.3
Cisco Unity Express Software 1.1.2
Cisco Unity Express Software 2.1.2
Cisco Unity Express Software 2.1
Cisco Unity Express Software 3.2
Cisco Unity Express Software
Cisco Unity Express Software 3.1
Cisco Unity Express Software 7.0
Cisco Unity Express Software 2.2.2
Cisco Unity Express Software 2.3
Cisco Unity Express Software 3.0
Cisco Unity Express Software 7.1
Cisco Unity Express Software 2.1.1
Cisco Unity Express Software 2.0
1 EDB exploit
NA
CVE-2013-1120
Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Unity Express with software prior to 8.0 allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCue35910.
Cisco Unity Express Software
Cisco Unity Express Software 1.1.1
Cisco Unity Express Software 1.1.2
Cisco Unity Express Software 2.0
Cisco Unity Express Software 2.1
Cisco Unity Express Software 2.2
Cisco Unity Express Software 2.3
Cisco Unity Express Software 3.0
Cisco Unity Express Software 3.1
Cisco Unity Express Software 3.2
Cisco Unity Express Software 7.0
Cisco Unity Express Software 7.1
Cisco Unity Express Software 7.2
Cisco Unity Express Software 7.3
Cisco Unity Express
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »