Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
quassel-irc quassel irc vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-1000178
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an malicious user to execute code remotely.
Quassel-irc Quassel 0.12.4
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2021-34825
Quassel up to and including 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.
Quassel-irc Quassel
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2018-1000179
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an malicious user to cause a denial of service.
Quassel-irc Quassel 0.12.4
Debian Debian Linux 8.0
Debian Debian Linux 9.0
7.5
CVSSv3
CVE-2016-4414
The onReadyRead function in core/coreauthhandler.cpp in Quassel prior to 0.12.4 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Quassel-irc Quassel
Fedoraproject Fedora 22
Fedoraproject Fedora 24
Fedoraproject Fedora 23
7.5
CVSSv3
CVE-2015-8547
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote malicious users to cause a denial of service (application crash) via the "/op *" command in a query.
Quassel-irc Quassel
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2015-3427
Quassel prior to 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote malicious users to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete ...
Quassel-irc Quassel
Debian Debian Linux 8.0
NA
CVE-2015-2778
Quassel prior to 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote malicious users to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.
Quassel-irc Quassel
NA
CVE-2015-2779
Stack consumption vulnerability in the message splitting functionality in Quassel prior to 0.12-rc1 allows remote malicious users to cause a denial of service (uncontrolled recursion) via a crafted massage.
Quassel-irc Quassel
NA
CVE-2014-8483
The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a malformed string.
Canonical Ubuntu Linux 12.04
Debian Debian Linux 7.0
Quassel-irc Quassel Irc 0.10.0
Opensuse Opensuse 12.3
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
NA
CVE-2013-6404
Quassel core (server daemon) in Quassel IRC prior to 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id....
Quassel-irc Quassel Irc
Quassel-irc Quassel Irc 0.9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »