Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2013-4166 | 5.0 |
The gpg_ctx_add_recipient function in camel/camel-gpg-context.c in GNOME Evolution 3.8.4 and earlier and Evolution Data Server 3.9.5 and earlier does not properly select the GPG key to use for email encryption, which might cause the email to be encry
|
13-02-2023 - 00:28 | 06-02-2020 - 15:15 | |
CVE-2017-2640 | 7.5 |
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
|
09-10-2019 - 23:27 | 27-07-2018 - 18:29 | |
CVE-2018-5819 | 7.8 |
An error within the "parse_sinar_ia()" function (internal/dcraw_common.cpp) within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources.
|
21-05-2019 - 16:29 | 20-02-2019 - 18:29 | |
CVE-2012-3374 | 7.5 |
Buffer overflow in markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.5 allows remote attackers to execute arbitrary code via a crafted inline image in a message.
|
01-12-2017 - 02:29 | 07-07-2012 - 10:21 | |
CVE-2013-0274 | 2.9 |
upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminate long strings in UPnP responses, which allows remote attackers to cause a denial of service (application crash) by leveraging access to the local network.
|
19-09-2017 - 01:35 | 16-02-2013 - 21:55 | |
CVE-2011-4602 | 5.0 |
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message.
|
19-09-2017 - 01:34 | 17-12-2011 - 03:54 | |
CVE-2011-4922 | 2.1 |
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
|
19-09-2017 - 01:34 | 08-08-2012 - 10:26 | |
CVE-2010-3711 | 4.0 |
libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_decode function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via a crafted mes
|
19-09-2017 - 01:31 | 28-10-2010 - 00:00 | |
CVE-2014-0020 | 5.0 |
The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not validate argument counts, which allows remote IRC servers to cause a denial of service (application crash) via a crafted message.
|
16-03-2014 - 04:43 | 06-02-2014 - 16:10 |