Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
pidgin pidgin 2.10.4 vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2014-3697
Absolute path traversal vulnerability in the untar_block function in win32/untar.c in Pidgin prior to 2.10.10 on Windows allows remote malicious users to write to arbitrary files via a drive name in a tar archive of a smiley theme.
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.10.8
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.7
Pidgin Pidgin 2.10.6
1 Article
187
VMScore
CVE-2011-4922
cipher.c in the Cipher API in libpurple in Pidgin prior to 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.1.1
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.10.0
828
VMScore
CVE-2013-6486
gtkutils.c in Pidgin prior to 2.10.8 on Windows allows user-assisted remote malicious users to execute arbitrary programs via a message containing a file: URL that is improperly handled during construction of an explorer.exe command. NOTE: this vulnerability exists because of an ...
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.6.3
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.10.4
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.7.5
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.5.6
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.4.2
445
VMScore
CVE-2013-0273
sametime.c in the Sametime protocol plugin in libpurple in Pidgin prior to 2.10.7 does not properly terminate long user IDs, which allows remote servers to cause a denial of service (application crash) via a crafted packet.
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.4.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.1.0
Pidgin Pidgin 2.0.1
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.5.6
445
VMScore
CVE-2013-0271
The MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 might allow remote malicious users to create or overwrite files via a crafted (1) mxit or (2) mxit/imagestrips pathname.
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.5.1
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
605
VMScore
CVE-2013-0272
Buffer overflow in http.c in the MXit protocol plugin in libpurple in Pidgin prior to 2.10.7 allows remote servers to execute arbitrary code via a long HTTP header.
Pidgin Pidgin 2.10.5
Pidgin Pidgin 2.10.3
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.7.7
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.4.2
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.0
258
VMScore
CVE-2013-0274
upnp.c in libpurple in Pidgin prior to 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote malicious users to cause a denial of service (application crash) by leveraging access to the local network.
Pidgin Pidgin 2.10.4
Pidgin Pidgin
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.8.0
Pidgin Pidgin 2.7.11
Pidgin Pidgin 2.7.10
Pidgin Pidgin 2.7.9
Pidgin Pidgin 2.6.1
Pidgin Pidgin 2.6.2
Pidgin Pidgin 2.5.0
Pidgin Pidgin 2.5.1
Pidgin Pidgin 2.3.1
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.7.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.6.5
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.5.2
312
VMScore
CVE-2012-2214
proxy.c in libpurple in Pidgin prior to 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service (application crash) via a sequence of XMPP file-transfer requests.
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.7.4
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.4.1
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.5.3
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.6.0
Pidgin Pidgin 2.0.2
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.10.2
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.8.0
445
VMScore
CVE-2012-2318
msg.c in the MSN protocol plugin in libpurple in Pidgin prior to 2.10.4 does not properly handle crafted characters, which allows remote servers to cause a denial of service (application crash) by placing these characters in a text/plain message.
Pidgin Pidgin 2.7.6
Pidgin Pidgin 2.7.7
Pidgin Pidgin 2.5.5
Pidgin Pidgin 2.0.0
Pidgin Pidgin 2.5.2
Pidgin Pidgin 2.5.8
Pidgin Pidgin 2.7.2
Pidgin Pidgin 2.7.0
Pidgin Pidgin 2.10.0
Pidgin Pidgin 2.10.1
Pidgin Pidgin 2.9.0
Pidgin Pidgin 2.5.9
Pidgin Pidgin 2.4.3
Pidgin Pidgin 2.7.8
Pidgin Pidgin 2.5.4
Pidgin Pidgin 2.3.0
Pidgin Pidgin 2.2.2
Pidgin Pidgin 2.6.4
Pidgin Pidgin 2.7.1
Pidgin Pidgin 2.5.7
Pidgin Pidgin 2.2.1
Pidgin Pidgin 2.7.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started