| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-2640 | 7.5 |
An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
|
09-10-2019 - 23:27 | 27-07-2018 - 18:29 | |
| CVE-2014-3694 | 6.4 |
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows m
|
30-10-2018 - 16:27 | 29-10-2014 - 10:55 | |
| CVE-2014-3696 | 5.0 |
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 | |
| CVE-2014-3695 | 5.0 |
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 | |
| CVE-2014-3698 | 5.0 |
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
|
05-01-2018 - 02:29 | 29-10-2014 - 10:55 |