Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2016-1000030
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 c...
Suse Linux Enterprise Server 11
Pidgin Pidgin
9.8
CVSSv3
CVE-2017-2640
An out-of-bounds write flaw was found in the way Pidgin prior to 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
Pidgin Pidgin
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.5
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server Eus 7.4
Redhat Enterprise Linux Workstation 7.0
Debian Debian Linux 8.0
9.8
CVSSv3
CVE-2015-8833
Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin prior to 4.0.2 for Pidgin allows remote malicious users to execute arbitrary code via vectors related to the "Authenticate buddy" menu ...
Cypherpunks Pidgin-otr
7.5
CVSSv3
CVE-2010-0013
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote malicious users to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to ...
Adium Adium 1.3.8
Pidgin Pidgin 2.6.4
Fedoraproject Fedora 11
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Suse Linux Enterprise 11.0
Opensuse Opensuse
Redhat Enterprise Linux 4.0
Redhat Enterprise Linux 5.0
1 EDB exploit
5.9
CVSSv3
CVE-2022-26491
An issue exists in Pidgin prior to 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing...
Pidgin Pidgin
Debian Debian Linux 9.0
5.5
CVSSv3
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
NA
CVE-2014-3697
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin prior to 2.10.10 on Windows allows remote malicious users to write to arbitrary files via a drive name in a tar archive of a smiley theme.
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.10.8
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.7
Pidgin Pidgin 2.10.6
1 Article
NA
CVE-2014-3775
libgadu prior to 1.11.4 and 1.12.0 prior to 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
Libgadu Libgadu 1.12.0
Libgadu Libgadu
NA
CVE-2013-6486
gtkutils.c in Pidgin prior to 2.10.8 on Windows allows user-assisted remote malicious users to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an ...
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.10.4
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.4.2
NA
CVE-2013-0271
The MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 might allow remote malicious users to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »