Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quassel-irc quassel irc vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2021-34825
Quassel up to and including 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
Quassel-irc Quassel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
668
VMScore
CVE-2018-1000178
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an malicious user to execute code remotely.
Quassel-irc Quassel 0.12.4
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
445
VMScore
CVE-2018-1000179
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an malicious user to cause a denial of service.
Quassel-irc Quassel 0.12.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
445
VMScore
CVE-2016-4414
The onReadyRead function in core/coreauthhandler.cpp in Quassel prior to 0.12.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Quassel-irc Quassel
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
445
VMScore
CVE-2015-8547
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote malicious users to cause a denial of service (application crash) via the "/op *" command in a query.
Quassel-irc Quassel
Opensuse Opensuse 13.2
Opensuse Opensuse 13.1
Opensuse Leap 42.1
668
VMScore
CVE-2015-3427
Quassel prior to 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote malicious users to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete ...
Quassel-irc Quassel
Debian Debian Linux 8.0
445
VMScore
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel prior to 0.12-rc1 allows remote malicious users to cause a denial of service (uncontrolled recursion) via a crafted massage.
Quassel-irc Quassel
445
VMScore
CVE-2015-2778
Quassel prior to 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote malicious users to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.
Quassel-irc Quassel
445
VMScore
CVE-2014-8483
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a malformed string.
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Quassel-irc Quassel Irc 0.10.0
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Opensuse Opensuse 12.3
356
VMScore
CVE-2013-6404
Quassel core (server daemon) in Quassel IRC prior to 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id....
Quassel-irc Quassel Irc
Quassel-irc Quassel Irc 0.9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »