20 matches found
EUVD-2013-1237
Malware in sbrugna...
EUVD-2013-6281
Malware in sbrugna...
EUVD-2022-26167
Malicious code in bioql PyPI...
CVE-2022-20917
A vulnerability in the Extensible Messaging and Presence Protocol XMPP message processing feature of Cisco Jabber could allow an authenticated, remote attacker to manipulate the content of XMPP messages that are used by the affected application. This vulnerability is due to the improper handling ...
SUSE CVE-2014-3698
The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...
Zoom Client for Meetings < 5.6.3 Vulnerability (ZSB-21002)
The version of Zoom Client for Meetings installed on the remote host is prior to 5.6.3. It is, therefore, affected by a vulnerability as referenced in the ZSB-21002 advisory. - A heap based buffer overflow exists in all desktop versions of the Zoom Client for Meetings before version 5.6.3. This...
CVE-2021-41055
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service crash via a crafted XMPP Last Message Correction XEP-0308 message in multi-user chat, where the message ID equals the correction ID...
Cisco Jabber Code Execution Vulnerability (CNVD-2021-22912)
Cisco Jabber is a web conferencing and instant messaging application that allows users to send messages over the Extensible Messaging and Status Protocol XMPP. A code execution vulnerability exists in Cisco Jabber, which is caused by incorrect validation of message content. An attacker can send...
PT-2021-2369 · Cisco · Cisco Jabber For Windows +2
Name of the Vulnerable Software and Affected Versions: Cisco Jabber for Windows affected versions not specified Cisco Jabber for MacOS affected versions not specified Cisco Jabber for mobile platforms affected versions not specified Description: The issue is related to insufficient input validati...
CVE-2014-3698
The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...
Memory corruption
The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...
CVE-2014-3698
The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...
MGASA-2014-0425 Updated pidgin packages fix security vulnerabilities
In Pidgin before 2.10.10, both of libpurple's bundled SSL/TLS plugins one for GnuTLS and one for NSS failed to check that the Basic Constraints extension allowed intermediate certificates to act as CAs. This allowed anyone with any valid certificate to create a fake certificate for any arbitrary...
CVE-2014-3698
The jabberidnvalidate function in jutil.c in the Jabber protocol plugin in libpurple in Pidgin before 2.10.10 allows remote attackers to obtain sensitive information from process memory via a crafted XMPP message...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
Integer overflow
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-1197
The XML parser in the server in Cisco Unified Presence CUP allows remote authenticated users to cause a denial of service jabberd daemon crash via crafted XML content in an XMPP message, aka Bug ID CSCue13912...
Code injection
The XML parser in the server in Cisco Unified Presence CUP allows remote authenticated users to cause a denial of service jabberd daemon crash via crafted XML content in an XMPP message, aka Bug ID CSCue13912...