Search CVE reports
1 – 10 of 91 results
CVE-2022-33070
Medium prioritySome fixes available 8 of 73
Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_and_wiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
9 affected packages
argyll, ccextractor, libgadu, libpg-query, libsignal-protocol-c...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
argyll | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ccextractor | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
libgadu | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
libpg-query | Needs evaluation | Needs evaluation | — | — | — |
libsignal-protocol-c | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | — |
ocserv | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
pidgin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
protobuf-c | Fixed | Fixed | Fixed | Needs evaluation | Needs evaluation |
sudo | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2022-26491
Medium priorityAn issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2012-1257
Low priorityPidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | — |
CVE-2016-1000030
Medium priorityPidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Not affected |
CVE-2016-2379
Low priorityThe Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to (1) decrypt hashed passwords by leveraging knowledge of client registration codes or (2) gain login access by eavesdropping on...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-2640
Medium priorityAn out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process.
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Fixed |
CVE-2016-4323
Medium priorityA directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Fixed |
CVE-2016-2380
Medium priorityAn information leak exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent to the server could potentially result in an out-of-bounds read. A user could be convinced to enter a particular string...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Fixed |
CVE-2016-2378
Medium priorityA buffer overflow vulnerability exists in the handling of the MXIT protocol Pidgin. Specially crafted data sent via the server could potentially result in a buffer overflow, potentially resulting in memory corruption. A malicious...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Fixed |
CVE-2016-2377
Medium priorityA buffer overflow vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent by the server could potentially result in an out-of-bounds write of one byte. A malicious server can send...
1 affected package
pidgin
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
pidgin | — | — | — | — | Fixed |