57 matches found
EUVD-2013-6286
Malware in sbrugna...
EUVD-2011-4526
Malware in sbrugna...
EUVD-2009-3069
Malware in sbrugna...
Exploit for Path Traversal in Igniterealtime Openfire
CVE-2023-32315 - Openfire Authentication Bypass This reposito...
SUSE CVE-2021-41055
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID...
SUSE CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
Pidgin Trust Management Issue Vulnerability
Pidgin is a cross-platform real-time communication client from the Pidgin community. The program supports several popular real-time communication protocols, and users can log into different real-time communication services with the same software. A security vulnerability exists in Pidgin that ste...
Denial Of Service (DoS)
pidgin is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way the Pidgin XMPP protocol plug-in processes IQ error responses when trying to fetch a custom smiley. A remote client could send a specially-crafted IQ error response that would crash Pidgin...
Skygofree: Following in the footsteps of HackingTeam
At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were...
Vibease Wireless Remote Vibrator app for Android and Vibease Chat app for iOS vulnerabilities
Vibease Wireless Remote Vibrator app for Android is a wireless remote control app based on the Android platform. Vibease Chat app for iOS is an online chat app based on the iOS platform. A security vulnerability exists in the Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app f...
[SECURITY] Fedora 25 Update: python-sleekxmpp-1.3.2-1.fc25
SleekXMPP is a flexible XMPP library for Python that allows you to create clients, components or servers for the XMPP protocol. Plug-ins can be created to cover every current or future XEP...
CVE-2016-6445
A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) service of the Cisco Meeting Server (CMS) before 2.0.6 and Acano Server before 1.8.18 and 1.9.x before 1.9.6 could allow an unauthenticated, remote attacker to masquerade as a legitimate user. This vulnerability is due to the XM...
Openfire 3.10.2 - Privilege Escalation
Credits: hyp3rlinx. Website: hyp3rlinx.altervista.org. Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-PRIV-ESCALATION.txt. Vendor: www.igniterealtime.org/projects/openfire...
Incorrect handling of self signed certificates in OpenFire XMPP Server
Affected software: OpenFire XMPP server. Affected versions: 3.9.3 and earlier. Vulnerabilities addressed: CVE-2014-3451, CVE-2015-2080. Openfire is a real time collaboration (RTC) server licensed under the Open Source Apache Licens...
Jappix Cross Site Scripting
Affected software: https://jappix.org/. Discovered by: Provensec. Website: http://www.provensec.com. Type of vulnerability: XSS (Stored). Description: Jappix is a new, smart and powerful social platform. We think each of us should own his own data, that’s why we’ve made Jappix decentralized. Jappix is...
Ubuntu: Security Advisory (USN-2100-1)
The remote host is missing an update for the...
DEBIAN-CVE-2013-6483
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service NULL pointer dereference and...
CVE-2013-6483
The XMPP protocol plugin in libpurple in Pidgin before 2.10.8 does not properly determine whether the from address in an iq reply is consistent with the to address in an iq request, which allows remote attackers to spoof iq traffic or cause a denial of service NULL pointer dereference and...
RHEL 5 / 6 : pidgin (RHSA-2014:0139)
The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:0139 advisory. Pidgin is an instant messaging program which can log in to multiple accounts on multiple instant messaging networks simultaneously. A...
Scientific Linux Security Update : pidgin on SL5.x, SL6.x i386/x86_64 (20140205)
A heap-based buffer overflow flaw was found in the way Pidgin processed certain HTTP responses. A malicious server could send a specially crafted HTTP response, causing Pidgin to crash or potentially execute arbitrary code with the permissions of the user running Pidgin. (CVE-2013-6485) Multiple...