Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
windows messenger vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-5144
Buffer overflow in the GDI engine in Windows Live Messenger, as used for Windows MSN Live 8.1, allows user-assisted remote malicious users to cause a denial of service (application crash or system crash) and possibly execute arbitrary code by placing a malformed file in a new fol...
Microsoft Windows Live Messenger 8.1
383
VMScore
CVE-2006-6252
Microsoft Windows Live Messenger 8.0 and previous versions, when gestual emoticons are enabled, allows remote malicious users to cause a denial of service (CPU consumption) via a long string composed of ":D" sequences, which are interpreted as emoticons.
Microsoft Windows Live Messenger
357
VMScore
CVE-2018-17780
Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P connections are accepted from clients outside of the My Contacts list.
Telegram Telegram Messenger 3.3.0.0
Telegram Telegram Desktop 1.3.14
1 Article
232
VMScore
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 prior to 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote malicious users to discover a private DH exponent by making multiple ha...
Openssl Openssl 1.0.2a
Openssl Openssl 1.0.2e
Openssl Openssl 1.0.2b
Openssl Openssl 1.0.2c
Openssl Openssl 1.0.2
Openssl Openssl 1.0.2d
1 Article
231
VMScore
CVE-2015-1787
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 prior to 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote malicious users to cause a denial of service (daemon crash) via a ClientKeyExchange message w...
Openssl Openssl 1.0.2
231
VMScore
CVE-2006-4066
The Graphical Device Interface Plus library (gdiplus.dll) in Microsoft Windows XP SP2 allows context-dependent malicious users to cause a denial of service (application crash) via certain images that trigger a divide-by-zero error, as demonstrated by a (1) .ico file, (2) .png fil...
Microsoft Windows Xp
NA
CVE-2023-3434
Improper Input Validation in the hyperlink interpretation in Savoir-faire Linux's Jami (version 20222284) on Windows. This allows an malicious user to send a custom HTML anchor tag to pass a string value to the Windows QRC Handler through the Jami messenger.
Savoirfairelinux Jami 20222284
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5