| Bug | Description |
|---|
| CVE-2017-2640 | An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 ... |
| CVE-2016-4323 | A directory traversal exists in the handling of the MXIT protocol in ... |
| CVE-2016-2380 | An information leak exists in the handling of the MXIT protocol in ... |
| CVE-2016-2378 | A buffer overflow vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2377 | A buffer overflow vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2376 | A buffer overflow vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2375 | An exploitable out-of-bounds read exists in the handling of the MXIT ... |
| CVE-2016-2374 | An exploitable memory corruption vulnerability exists in the handling ... |
| CVE-2016-2373 | A denial of service vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2372 | An information leak exists in the handling of the MXIT protocol in ... |
| CVE-2016-2371 | An out-of-bounds write vulnerability exists in the handling of the ... |
| CVE-2016-2370 | A denial of service vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2369 | A NULL pointer dereference vulnerability exists in the handling of the ... |
| CVE-2016-2368 | Multiple memory corruption vulnerabilities exist in the handling of ... |
| CVE-2016-2367 | An information leak exists in the handling of the MXIT protocol in ... |
| CVE-2016-2366 | A denial of service vulnerability exists in the handling of the MXIT ... |
| CVE-2016-2365 | A denial of service vulnerability exists in the handling of the MXIT ... |
| CVE-2016-1000030 | Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates ... |
| CVE-2014-3698 | The jabber_idn_validate function in jutil.c in the Jabber protocol ... |
| CVE-2014-3697 | Absolute path traversal vulnerability in the untar_block function in ... |
| CVE-2014-3696 | nmevent.c in the Novell GroupWise protocol plugin in libpurple in ... |
| CVE-2014-3695 | markup.c in the MXit protocol plugin in libpurple in Pidgin before ... |
| CVE-2014-3694 | The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL ... |
| CVE-2014-0020 | The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not ... |
| CVE-2013-6490 | The SIMPLE protocol functionality in Pidgin before 2.10.8 allows ... |
| CVE-2013-6489 | Integer signedness error in the MXit functionality in Pidgin before ... |
| CVE-2013-6487 | Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu ... |
| CVE-2013-6486 | gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted ... |
| CVE-2013-6485 | Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows ... |
| CVE-2013-6484 | The STUN protocol implementation in libpurple in Pidgin before 2.10.8 ... |
| CVE-2013-6483 | The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not ... |
| CVE-2013-6482 | Pidgin before 2.10.8 allows remote MSN servers to cause a denial of ... |
| CVE-2013-6481 | libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows ... |
| CVE-2013-6479 | util.c in libpurple in Pidgin before 2.10.8 does not properly allocate ... |
| CVE-2013-6478 | gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with ... |
| CVE-2013-6477 | Multiple integer signedness errors in libpurple in Pidgin before ... |
| CVE-2013-0274 | upnp.c in libpurple in Pidgin before 2.10.7 does not properly ... |
| CVE-2013-0273 | sametime.c in the Sametime protocol plugin in libpurple in Pidgin ... |
| CVE-2013-0272 | Buffer overflow in http.c in the MXit protocol plugin in libpurple in ... |
| CVE-2013-0271 | The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might ... |
| CVE-2012-6152 | The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does ... |
| CVE-2012-3374 | Buffer overflow in markup.c in the MXit protocol plugin in libpurple ... |
| CVE-2012-2318 | msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 ... |
| CVE-2012-2214 | proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle ... |
| CVE-2012-1178 | The msn_oim_report_to_user function in oim.c in the MSN protocol ... |
| CVE-2011-4939 | The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin ... |
| CVE-2011-4922 | cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 ... |
| CVE-2011-4603 | The silc_channel_message function in ops.c in the SILC protocol plugin ... |
| CVE-2011-4602 | The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ... |
| CVE-2011-4601 | family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin ... |
| CVE-2011-3594 | The g_markup_escape_text function in the SILC protocol plug-in in ... |
| CVE-2011-3185 | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted ... |
| CVE-2011-3184 | The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ... |
| CVE-2011-2943 | The irc_msg_who function in msgs.c in the IRC protocol plugin in ... |
| CVE-2011-1091 | libymsg.c in the Yahoo! protocol plugin in libpurple in Pidgin 2.6.0 ... |
| CVE-2010-4528 | directconn.c in the MSN protocol plugin in libpurple 2.7.6 through ... |
| CVE-2010-3711 | libpurple in Pidgin before 2.7.4 does not properly validate the return ... |
| CVE-2010-2528 | The clientautoresp function in family_icbm.c in the oscar protocol ... |
| CVE-2010-1624 | The msn_emoticon_msg function in slp.c in the MSN protocol plugin in ... |
| CVE-2010-0423 | gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a ... |
| CVE-2010-0420 | libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user ... |
| CVE-2010-0277 | slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, ... |
| CVE-2010-0013 | Directory traversal vulnerability in slp.c in the MSN protocol plugin ... |
| CVE-2009-3615 | The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and ... |
| CVE-2009-3085 | The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ... |
| CVE-2009-3084 | The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ... |
| CVE-2009-3083 | The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the ... |
| CVE-2009-3026 | protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly ... |
| CVE-2009-3025 | Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to ... |
| CVE-2009-2703 | libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple ... |
| CVE-2009-2694 | The msn_slplink_process_msg function in ... |
| CVE-2009-1889 | The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets ... |
| CVE-2009-1376 | Multiple integer overflows in the msn_slplink_process_msg functions in ... |
| CVE-2009-1375 | The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before ... |
| CVE-2009-1374 | Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) ... |
| CVE-2009-1373 | Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin ... |
| CVE-2008-3532 | The NSS plugin in libpurple in Pidgin 2.4.3 does not verify SSL ... |
| CVE-2008-2957 | The UPnP functionality in Pidgin 2.0.0, and possibly other versions, ... |
| CVE-2008-2955 | Pidgin 2.4.1 allows remote attackers to cause a denial of service ... |
| CVE-2008-2927 | Multiple integer overflows in the msn_slplink_process_msg functions in ... |
| CVE-2007-4999 | libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, ... |
| CVE-2007-4996 | libpurple in Pidgin before 2.2.1 does not properly handle MSN nudge ... |