Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin 2.10.0 vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2012-1257
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
Pidgin Pidgin 2.10.0
1 EDB exploit
NA
CVE-2014-3697
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin prior to 2.10.10 on Windows allows remote malicious users to write to arbitrary files via a drive name in a tar archive of a smiley theme.
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.10.8
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.7
Pidgin Pidgin 2.10.6
1 Article
NA
CVE-2013-6486
gtkutils.c in Pidgin prior to 2.10.8 on Windows allows user-assisted remote malicious users to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an ...
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.10.4
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.4.2
NA
CVE-2013-0271
The MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 might allow remote malicious users to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
NA
CVE-2013-0272
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.7
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.0
NA
CVE-2013-0273
sametime.c in the Sametime protocol plugin in libpurple in Pidgin prior to 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
NA
CVE-2013-0274
upnp.c in libpurple in Pidgin prior to 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote malicious users to cause a denial of service (application crash) by leveraging access to the local network.
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
NA
CVE-2011-4922
cipher.c in the Cipher API in libpurple in Pidgin prior to 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.10.0
NA
CVE-2012-3374
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.5 allows remote malicious users to execute arbitrary code via a crafted inline image in a message.
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.6.6
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.2.0
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
NA
CVE-2012-2318
msg.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.7.9
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »