Lucene search
K

24 matches found

Tenable Nessus
Tenable Nessus
added 2023/07/20 12:0 a.m.24 views

Amazon Linux 2 : pidgin (ALAS-2023-2115)

The version of pidgin installed on the remote host is prior to 2.10.11-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2115 advisory. An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to...

5.9CVSS6.6AI score0.02419EPSS
Exploits0References4
Amazon
Amazon
added 2023/07/19 12:0 a.m.20 views

Medium: pidgin

Issue Overview: An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain,...

5.9CVSS6.4AI score0.02419EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/08/18 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2230)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.02419EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/08/18 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2277)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.02419EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.45 views

EulerOS 2.0 SP5 : pidgin (EulerOS-SA-2022-2277)

According to the versions of the pidgin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious...

5.9CVSS6.6AI score0.02419EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.25 views

EulerOS 2.0 SP8 : pidgin (EulerOS-SA-2022-2230)

According to the versions of the pidgin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious...

5.9CVSS6.6AI score0.02419EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/15 12:0 a.m.15 views

Pidgin < 2.14.9 Improper Certificate Validation Vulnerability - Windows

Pidgin is prone to an improper certificate validation vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.9CVSS5.6AI score0.02419EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/07/15 12:0 a.m.17 views

Pidgin < 2.14.9 Improper Certificate Validation Vulnerability - Mac OS X

Pidgin is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.9CVSS5.6AI score0.02419EPSS
Exploits0References2
Debian
Debian
added 2022/06/06 12:9 p.m.28 views

[SECURITY] [DLA 3043-1] pidgin security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3043-1 [email protected] https://www.debian.org/lts/security/ Andreas Rönnquist June 06, 2022 https://wiki.debian.org/LTS -...

5.9CVSS5.5AI score0.02419EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/06/06 12:0 a.m.60 views

Debian DLA-3043-1 : pidgin - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3043 advisory. An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perfo...

5.9CVSS6.5AI score0.02419EPSS
Exploits0References5
OSV
OSV
added 2022/06/02 2:15 p.m.14 views

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

5.9CVSS5.4AI score0.02419EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2022/06/02 2:15 p.m.31 views

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

5.9CVSS6.6AI score0.02419EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/05/31 4:25 a.m.17 views

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

5.7AI score0.02419EPSS
Exploits0References6
CVE
CVE
added 2022/05/31 4:25 a.m.149 views

CVE-2022-26491

CVE-2022-26491 affects Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client to a malicious server, causing the client to verify TLS for the malicious domain instead of the original XMPP service. This can allow the attacker to take over the XMPP connection and ...

5.9CVSS5.3AI score0.02419EPSS
Exploits0References6Affected Software1
AlpineLinux
AlpineLinux
added 2022/05/31 4:25 a.m.84 views

CVE-2022-26491

An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...

5.9CVSS5.6AI score0.02419EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/05/30 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2022-0208)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.02419EPSS
Exploits0References7
OSV
OSV
added 2022/05/28 8:56 a.m.4 views

MGASA-2022-0208 Updated pidgin packages fix security vulnerability

MITM vulnerability when DNSSEC wasn't used CVE-2022-26491...

5.9CVSS5.6AI score0.02419EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2022:1693-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.02419EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.27 views

openSUSE: Security Advisory for pidgin (SUSE-SU-2022:1665-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS5.8AI score0.02419EPSS
Exploits0References2
OSV
OSV
added 2022/05/16 8:1 a.m.2 views

SUSE-SU-2022:1664-1 Security update for pidgin

This update for pidgin fixes the following issues: - CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used bsc1199025...

5.9CVSS5.7AI score0.02419EPSS
Exploits0References3
Rows per page
Query Builder