Vulnerabilities > Pidgin

DATE CVE VULNERABILITY TITLE RISK
2022-06-02 CVE-2022-26491 Improper Certificate Validation vulnerability in multiple products
An issue was discovered in Pidgin before 2.14.9.
4.3
2019-11-20 CVE-2012-1257 Cleartext Transmission of Sensitive Information vulnerability in Pidgin 2.10.0
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
local
low complexity
pidgin CWE-319
2.1
2018-09-05 CVE-2016-1000030 Improper Certificate Validation vulnerability in multiple products
Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution.
network
low complexity
suse pidgin CWE-295
7.5
2018-07-27 CVE-2017-2640 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content.
network
low complexity
pidgin debian redhat CWE-787
7.5
2017-03-29 CVE-2016-2379 Inadequate Encryption Strength vulnerability in Pidgin Mxit
The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on login messages and re-using the hashed passwords.
low complexity
pidgin CWE-326
3.3
2017-01-06 CVE-2016-4323 Path Traversal vulnerability in multiple products
A directory traversal exists in the handling of the MXIT protocol in Pidgin.
5.8
2017-01-06 CVE-2016-2380 Information Exposure vulnerability in multiple products
An information leak exists in the handling of the MXIT protocol in Pidgin.
4.3
2017-01-06 CVE-2016-2378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin.
6.8
2017-01-06 CVE-2016-2377 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
6.8
2017-01-06 CVE-2016-2376 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin.
6.8