Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
otr vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-1037
Adobe Reader and Acrobat prior to 11.0.16, Acrobat and Acrobat Reader DC Classic prior to 15.006.30172, and Acrobat and Acrobat Reader DC Continuous prior to 15.016.20039 on Windows and OS X allow malicious users to execute arbitrary code or cause a denial of service (memory corr...
Adobe Acrobat Dc
Adobe Acrobat
Adobe Acrobat Reader Dc
Adobe Reader
9.8
CVSSv3
CVE-2015-8833
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin prior to 4.0.2 for Pidgin allows remote malicious users to execute arbitrary code via vectors related to the "Authenticate buddy" menu ...
Cypherpunks Pidgin-otr
9.8
CVSSv3
CVE-2016-2851
Integer overflow in proto.c in libotr prior to 4.1.1 on 64-bit platforms allows remote malicious users to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow.
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Opensuse Opensuse 13.2
Opensuse Leap 42.1
Cypherpunks Libotr
1 EDB exploit
7.8
CVSSv3
CVE-2021-29949
When loading the shared library that provides the OTR protocol implementation, Thunderbird will initially attempt to open it using a filename that isn't distributed by Thunderbird. If a computer has already been infected with a malicious library of the alternative filename, ...
Mozilla Thunderbird
7.5
CVSSv3
CVE-2020-28362
Go prior to 1.14.12 and 1.15.x prior to 1.15.4 allows Denial of Service.
Golang Go
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Netapp Trident -
Netapp Cloud Insights Telegraf Agent -
7.5
CVSSv3
CVE-2019-17596
Go prior to 1.12.11 and 1.3.x prior to 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.
Golang Go
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Developer Tools 1.0
Redhat Enterprise Linux Server 8.1
Opensuse Leap 15.0
Opensuse Leap 15.1
Arista Mos
Arista Eos
Arista Cloudvision Portal 2019.1.2
Arista Cloudvision Portal 2019.1.1
Arista Cloudvision Portal 2019.1.0
Arista Cloudvision Portal
Arista Terminattr
1 Github repository
7.5
CVSSv3
CVE-2016-9107
The OTR plugin for Gajim sends information in cleartext when using XHTML, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Otr Gajim-otr -
5.9
CVSSv3
CVE-2017-2448
An issue exists in certain Apple products. iOS prior to 10.3 is affected. macOS prior to 10.12.4 is affected. tvOS prior to 10.2 is affected. The issue involves the "Keychain" component. It allows man-in-the-middle malicious users to bypass an iCloud Keychain secret pro...
Apple Mac Os X
Apple Watchos
Apple Tvos
Apple Iphone Os
1 Article
5.5
CVSSv3
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
4.5
CVSSv3
CVE-2016-10376
Gajim up to and including 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions.
Gajim Gajim
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »