Vulnerabilities > Pidgin
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-02 | CVE-2022-26491 | Improper Certificate Validation vulnerability in multiple products An issue was discovered in Pidgin before 2.14.9. | 4.3 |
| 2019-11-20 | CVE-2012-1257 | Cleartext Transmission of Sensitive Information vulnerability in Pidgin 2.10.0 Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor. | 2.1 |
| 2018-09-05 | CVE-2016-1000030 | Improper Certificate Validation vulnerability in multiple products Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. | 7.5 |
| 2018-07-27 | CVE-2017-2640 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. | 7.5 |
| 2017-03-29 | CVE-2016-2379 | Inadequate Encryption Strength vulnerability in Pidgin Mxit The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords. | 3.3 |
| 2017-01-06 | CVE-2016-4323 | Path Traversal vulnerability in multiple products A directory traversal exists in the handling of the MXIT protocol in Pidgin. | 5.8 |
| 2017-01-06 | CVE-2016-2380 | Information Exposure vulnerability in multiple products An information leak exists in the handling of the MXIT protocol in Pidgin. | 4.3 |
| 2017-01-06 | CVE-2016-2378 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. | 6.8 |
| 2017-01-06 | CVE-2016-2377 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. | 6.8 |
| 2017-01-06 | CVE-2016-2376 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. | 6.8 |