CVE Tools

pidgin

Communicationsoss-project

61

Cumulative CVEs

22

Monthly snapshots

#11

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting pidgin.

CVE-2019-25544Pidgin 2.13.0 Denial of Service via Malformed Username6.2Mar 21, 2026
CVE-2022-26491An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verifi...5.9May 31, 2022
CVE-2012-1257Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.5.5Nov 20, 2019
CVE-2016-1000030Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can r...9.8Sep 5, 2018
CVE-2017-2640An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in t...7.5Jul 27, 2018
CVE-2016-2379The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain l...8.8Mar 29, 2017
CVE-2016-4323A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server o...3.7Jan 6, 2017
CVE-2016-2380An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convince...3.1Jan 6, 2017
CVE-2016-2378A buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting i...8.1Jan 6, 2017
CVE-2016-2377A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte....8.1Jan 6, 2017
CVE-2016-2376A buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in arbitrary code execution. A malic...8.1Jan 6, 2017
CVE-2016-2375An exploitable out-of-bounds read exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT contact information sent from the server can result in memory disclosure.5.3Jan 6, 2017
CVE-2016-2374An exploitable memory corruption vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT MultiMX message sent via the server can result in an out-of-bounds write...8.1Jan 6, 2017
CVE-2016-2373A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicio...5.9Jan 6, 2017
CVE-2016-2372An information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in an out-of-bounds read. A malicious user, serve...5.9Jan 6, 2017