Pidgin
This hub aggregates every CVE we track for Pidgin, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
87
CVEs tracked
7
Critical
11
High
0
In CISA KEV
Severity distribution
MEDIUM64HIGH11CRITICAL7LOW5
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Pidgin.
- CVE-2019-25544Pidgin 2.13.0 Denial of Service via Malformed Username6.2
- CVE-2022-26491An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verifi...5.9
- CVE-2012-1257Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.5.5
- CVE-2016-1000030Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can r...9.8
- CVE-2017-2640An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in t...7.5
- CVE-2016-4323A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server o...3.7
- CVE-2016-2368Multiple memory corruption vulnerabilities exist in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could result in multiple buffer overflows, potential...8.1
- CVE-2016-2371An out-of-bounds write vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could cause memory corruption resulting in code execution.8.1
- CVE-2016-2378A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting i...8.1
- CVE-2016-2380An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convince...3.1
- CVE-2016-2370A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an out-of-bounds read. A malici...5.9
- CVE-2016-2367An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, serve...5.9
- CVE-2016-2376A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malic...8.1
- CVE-2016-2374An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write...8.1
- CVE-2016-2372An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, serve...5.9
Product normalization is registry-driven with AI assist and human review. How it works