Max CVSS 6.4 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2014-3694 6.4
The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/TLS plugin in libpurple in Pidgin before 2.10.10 do not properly consider the Basic Constraints extension during verification of X.509 certificates from SSL servers, which allows m
30-10-2018 - 16:27 29-10-2014 - 10:55
CVE-2014-3696 5.0
nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a crafted server message that triggers a large memory allocation.
05-01-2018 - 02:29 29-10-2014 - 10:55
CVE-2014-3695 5.0
markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.10.10 allows remote servers to cause a denial of service (application crash) via a large length value in an emoticon response.
05-01-2018 - 02:29 29-10-2014 - 10:55
CVE-2014-3698 5.0
The jabber_idn_validate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message.
05-01-2018 - 02:29 29-10-2014 - 10:55
Back to Top Mark selected
Back to Top