| Bug | Description |
|---|
| CVE-2017-2640 | An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 ... |
| CVE-2016-1000030 | Pidgin version <2.11.0 contains a vulnerability in X.509 Certificat ... |
| CVE-2016-4323 | A directory traversal exists in the handling of the MXIT protocol in P ... |
| CVE-2016-2380 | An information leak exists in the handling of the MXIT protocol in Pid ... |
| CVE-2016-2378 | A buffer overflow vulnerability exists in the handling of the MXIT pro ... |
| CVE-2016-2377 | A buffer overflow vulnerability exists in the handling of the MXIT pro ... |
| CVE-2016-2376 | A buffer overflow vulnerability exists in the handling of the MXIT pro ... |
| CVE-2016-2375 | An exploitable out-of-bounds read exists in the handling of the MXIT p ... |
| CVE-2016-2374 | An exploitable memory corruption vulnerability exists in the handling ... |
| CVE-2016-2373 | A denial of service vulnerability exists in the handling of the MXIT p ... |
| CVE-2016-2372 | An information leak exists in the handling of the MXIT protocol in Pid ... |
| CVE-2016-2371 | An out-of-bounds write vulnerability exists in the handling of the MXI ... |
| CVE-2016-2370 | A denial of service vulnerability exists in the handling of the MXIT p ... |
| CVE-2016-2369 | A NULL pointer dereference vulnerability exists in the handling of the ... |
| CVE-2016-2368 | Multiple memory corruption vulnerabilities exist in the handling of th ... |
| CVE-2016-2367 | An information leak exists in the handling of the MXIT protocol in Pid ... |
| CVE-2016-2366 | A denial of service vulnerability exists in the handling of the MXIT p ... |
| CVE-2016-2365 | A denial of service vulnerability exists in the handling of the MXIT p ... |
| CVE-2014-3698 | The jabber_idn_validate function in jutil.c in the Jabber protocol plu ... |
| CVE-2014-3697 | Absolute path traversal vulnerability in the untar_block function in w ... |
| CVE-2014-3696 | nmevent.c in the Novell GroupWise protocol plugin in libpurple in Pidg ... |
| CVE-2014-3695 | markup.c in the MXit protocol plugin in libpurple in Pidgin before 2.1 ... |
| CVE-2014-3694 | The (1) bundled GnuTLS SSL/TLS plugin and the (2) bundled OpenSSL SSL/ ... |
| CVE-2014-0020 | The IRC protocol plugin in libpurple in Pidgin before 2.10.8 does not ... |
| CVE-2013-6490 | The SIMPLE protocol functionality in Pidgin before 2.10.8 allows remot ... |
| CVE-2013-6489 | Integer signedness error in the MXit functionality in Pidgin before 2. ... |
| CVE-2013-6487 | Integer overflow in libpurple/protocols/gg/lib/http.c in the Gadu-Gadu ... |
| CVE-2013-6486 | gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted rem ... |
| CVE-2013-6485 | Buffer overflow in util.c in libpurple in Pidgin before 2.10.8 allows ... |
| CVE-2013-6484 | The STUN protocol implementation in libpurple in Pidgin before 2.10.8 ... |
| CVE-2013-6483 | The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not ... |
| CVE-2013-6482 | Pidgin before 2.10.8 allows remote MSN servers to cause a denial of se ... |
| CVE-2013-6481 | libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows rem ... |
| CVE-2013-6479 | util.c in libpurple in Pidgin before 2.10.8 does not properly allocate ... |
| CVE-2013-6478 | gtkimhtml.c in Pidgin before 2.10.8 does not properly interact with un ... |
| CVE-2013-6477 | Multiple integer signedness errors in libpurple in Pidgin before 2.10. ... |
| CVE-2013-0274 | upnp.c in libpurple in Pidgin before 2.10.7 does not properly terminat ... |
| CVE-2013-0273 | sametime.c in the Sametime protocol plugin in libpurple in Pidgin befo ... |
| CVE-2013-0272 | Buffer overflow in http.c in the MXit protocol plugin in libpurple in ... |
| CVE-2013-0271 | The MXit protocol plugin in libpurple in Pidgin before 2.10.7 might al ... |
| CVE-2012-6152 | The Yahoo! protocol plugin in libpurple in Pidgin before 2.10.8 does n ... |
| CVE-2012-3374 | Buffer overflow in markup.c in the MXit protocol plugin in libpurple i ... |
| CVE-2012-2318 | msg.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.4 ... |
| CVE-2012-2214 | proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle ... |
| CVE-2012-1178 | CVE-2012-1178 pidgin: Client abort in the MSN protocol plug-in by atte ... |
| CVE-2011-4939 | The pidgin_conv_chat_rename_user function in gtkconv.c in Pidgin befor ... |
| CVE-2011-4922 | CVE-2011-4922 Cipher API information disclosure in pidgin ... |
| CVE-2011-4603 | The silc_channel_message function in ops.c in the SILC protocol plugin ... |
| CVE-2011-4602 | The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not ... |
| CVE-2011-4601 | family_feedbag.c in the oscar protocol plugin in libpurple in Pidgin b ... |
| CVE-2011-3594 | The g_markup_escape_text function in the SILC protocol plug-in in libp ... |
| CVE-2011-3185 | gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted rem ... |
| CVE-2011-3184 | The msn_httpconn_parse_data function in httpconn.c in the MSN protocol ... |
| CVE-2011-2943 | The irc_msg_who function in msgs.c in the IRC protocol plugin in libpu ... |
| CVE-2011-1091 | CVE-2011-1091 Pidgin: Multiple NULL pointer dereference flaws in Yahoo ... |
| CVE-2010-4528 | directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7 ... |
| CVE-2010-3711 | CVE-2010-3711 Pidgin (libpurple): Multiple DoS (crash) flaws by proces ... |
| CVE-2010-2528 | The clientautoresp function in family_icbm.c in the oscar protocol plu ... |
| CVE-2010-1624 | CVE-2010-1624 Pidgin: MSN SLP emoticon DoS (NULL pointer dereference) ... |
| CVE-2010-0423 | CVE-2010-0423 pidgin: Smiley Denial of Service ... |
| CVE-2010-0420 | CVE-2010-0420 pidgin: Finch XMPP MUC Crash ... |
| CVE-2010-0277 | slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, ... |
| CVE-2010-0013 | CVE-2010-0013 pidgin/libpurple: MSN custom smiley request directory tr ... |
| CVE-2009-3615 | CVE-2009-3615 Pidgin: Invalid pointer dereference (crash) after receiv ... |
| CVE-2009-3085 | The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not ... |
| CVE-2009-3084 | The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c ... |
| CVE-2009-3083 | The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the ... |
| CVE-2009-3026 | protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly oth ... |
| CVE-2009-3025 | Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to c ... |
| CVE-2009-2703 | libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple ... |
| CVE-2009-2694 | The msn_slplink_process_msg function in libpurple/protocols/msn/slplin ... |
| CVE-2009-1889 | CVE-2009-1889 pidgin: DoS via specially-crafted ICQWebMessage ... |
| CVE-2009-1376 | CVE-2009-1376 pidgin incomplete fix for CVE-2008-2927 ... |
| CVE-2009-1375 | CVE-2009-1375 pidgin PurpleCircBuffer corruption ... |
| CVE-2009-1374 | CVE-2009-1374 pidgin DoS when decrypting qq packets ... |
| CVE-2009-1373 | CVE-2009-1373 pidgin file transfer buffer overflow ... |
| CVE-2008-3532 | CVE-2008-3532 pidgin: NSS plugin doesn't verify SSL certificates ... |
| CVE-2008-2957 | CVE-2008-2957 pidgin: unrestricted download of arbitrary files trigger ... |
| CVE-2008-2955 | CVE-2008-2955 pidgin: remote DoS via MSN message with crafted file nam ... |
| CVE-2008-2927 | CVE-2008-2927 pidgin MSN integer overflow ... |
| CVE-2007-4999 | libpurple in Pidgin 2.1.0 through 2.2.1, when using HTML logging, allo ... |
| CVE-2007-4996 | CVE-2007-4996 MSN nudges sent from unknown buddies can cause libpurple ... |