Vulnerabilities > Pidgin

DATE CVE VULNERABILITY TITLE RISK
2019-11-20 CVE-2012-1257 Cleartext Transmission of Sensitive Information vulnerability in Pidgin 2.10.0
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
local
low complexity
pidgin CWE-319
2.1
2018-09-05 CVE-2016-1000030 Improper Certificate Validation vulnerability in multiple products
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution.
network
low complexity
suse pidgin CWE-295
7.5
2018-07-27 CVE-2017-2640 Out-Of-Bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content.
network
low complexity
pidgin debian redhat CWE-787
7.5
2017-03-29 CVE-2016-2379 Inadequate Encryption Strength vulnerability in Pidgin Mxit
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords.
low complexity
pidgin CWE-326
3.3
2017-01-06 CVE-2016-4323 Path Traversal vulnerability in multiple products
A directory traversal exists in the handling of the MXIT protocol in Pidgin.
5.8
2017-01-06 CVE-2016-2380 Information Exposure vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin.
4.3
2017-01-06 CVE-2016-2378 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin.
6.8
2017-01-06 CVE-2016-2377 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
6.8
2017-01-06 CVE-2016-2376 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
6.8
2017-01-06 CVE-2016-2375 Out-Of-Bounds Read vulnerability in multiple products
An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin.
network
low complexity
pidgin canonical debian CWE-125
5.0