Libgadu
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-4488 | 0.00 | — | 0.01 | Oct 10, 2014 | libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers. | |||
| CVE-2014-3775 | 0.00 | — | 0.04 | May 22, 2014 | libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message. | |||
| CVE-2008-4776 | 0.00 | — | 0.01 | Oct 28, 2008 | libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read. | |||
| CVE-2005-2448 | 0.00 | — | 0.02 | Aug 3, 2005 | Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems. | |||
| CVE-2005-2369 | 0.00 | — | 0.03 | Jul 26, 2005 | Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code. | |||
| CVE-2005-1852 | 0.00 | — | 0.05 | Jul 26, 2005 | Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. |
- CVE-2013-4488Oct 10, 2014risk 0.00cvss —epss 0.01
libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.
- CVE-2014-3775May 22, 2014risk 0.00cvss —epss 0.04
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
- CVE-2008-4776Oct 28, 2008risk 0.00cvss —epss 0.01
libgadu before 1.8.2 allows remote servers to cause a denial of service (crash) via a contact description with a large length, which triggers a buffer over-read.
- CVE-2005-2448Aug 3, 2005risk 0.00cvss —epss 0.02
Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems.
- CVE-2005-2369Jul 26, 2005risk 0.00cvss —epss 0.03
Multiple integer signedness errors in libgadu, as used in ekg before 1.6rc2 and other packages, may allow remote attackers to cause a denial of service or execute arbitrary code.
- CVE-2005-1852Jul 26, 2005risk 0.00cvss —epss 0.05
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message.