'Jingle Thief' Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated with organizations in the retail and consumer services sectors for gift card fraud. "Jingle Thief attackers use phishing and smishing to steal...

WordPress WordPress Local SEO plugin <= 2.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jingle Bells in WordPress Plugin WordPress Local SEO versions = 2.3...

Fedora 32 : prosody (2020-a48bf86c27)

Prosody 0.11.7 ============== This is a security release for the 0.11.x stable branch. It is strongly recommended that all users upgrade to this release, especially those whose deployments have enabled modwebsocket. As well as upgrading, we recommend all public deployments to review and configure...

Denial Of Service (DoS)

pidgin is vulnerable to denial of service. Multiple NULL pointer dereference flaws were found in the Jingle extension of the Extensible Messaging and Presence Protocol XMPP protocol plug-in in Pidgin. A remote attacker could use these flaws to crash Pidgin via a specially-crafted Jingle multimedi...

Oracle Linux 4 : pidgin (ELSA-2011-1820)

From Red Hat Security Advisory 2011:1820 : Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...

AST-2012-015: Denial of Service Through Exploitation of Device State Caching

Asterisk Project Security Advisory - AST-2012-015 Product Asterisk Summary Denial of Service Through Exploitation of Device State Caching Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known None Reported On 26 July, 2012 Reported By...

Scientific Linux Security Update : pidgin on SL6.x i386/x86_64

Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. An input sanitization flaw was found in the way the AOL Open System for Communication in Realtime OSCAR protocol plug-in in Pidgin, used by the AOL ICQ and AIM insta...

CentOS Update for finch CESA-2011:1820 centos5 x86_64

Check for the Version of finch OpenVAS Vulnerability Test CentOS Update for finch CESA-2011:1820 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

CentOS Update for finch CESA-2011:1821 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 4 / 5 : pidgin (CESA-2011:1820)

Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

Moderate: Red Hat Security Advisory: pidgin security update

Updated pidgin packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...

pidgin: Multiple NULL pointer deference flaws by processing certain Jingle stanzas in the XMPP protocol plug-in

The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in 1 voice-chat and 2 video-chat stanzas, which allows remote attackers to cause a denial of service application crash via a crafted message...

[SECURITY] Fedora 11 Update: libnice-0.0.9-1.fc11

libnice is an implementation of the IETF's draft Interactive Connectivity Establishment standard ICE. ICE is useful for applications that want to establish peer-to-peer UDP data streams. It automates the process of traver sing NATs and provides security against some attacks. Existing standards th...