14 matches found
EUVD-2012-5416
Malware in sbrugna...
EUVD-2015-8565
Malware in sbrugna...
EUVD-2021-28206
Malicious code in bioql PyPI...
EUVD-2022-42280
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-10376
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example...
Linux Distros Unpatched Vulnerability : CVE-2021-41055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in...
A vulnerability in the XML Handler component of a cross-platform messaging client for the Jabber protocol allows attackers to affect the integrity of the system.
The vulnerability in the XML Handler component of Gajim, a cross-platform messaging application for the Jabber protocol, is related to the creation of XML fragments that allow for editing messages that were not sent by other users. Exploiting this vulnerability can enable a malicious actor to...
CVE-2022-39835
An issue was discovered in Gajim through 1.4.7. The vulnerability allows attackers, via crafted XML stanzas, to correct messages that were not sent by them. The attacker needs to be part of the group chat or single chat. The fixed version is 1.5.0...
CVE-2022-39835
An issue was discovered in Gajim through 1.4.7. The vulnerability allows attackers, via crafted XML stanzas, to correct messages that were not sent by them. The attacker needs to be part of the group chat or single chat. The fixed version is 1.5.0...
DEBIAN-CVE-2016-10376
Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. This can be abused by malicious XMPP servers to, for example, extract plaintext from OTR encrypted sessions...
Gajim Message Interception Vulnerability
Gajim is a suite of free instant messaging software based on the Jabber communication protocol developed by the Gajim project. A security vulnerability exists in versions of Gajim prior to 0.16.5, which can be exploited by remote attackers to modify the roster and intercept messages with the help...
CVE-2015-8688
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza...
DEBIAN-CVE-2012-5524
The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA...
CVE-2012-2085
The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute...