Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wesnoth vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-1999023
The Battle for Wesnoth Project version 1.7.0 up to and including 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, netwo...
Wesnoth The Battle For Wesnoth
4.3
CVSSv3
CVE-2015-5069
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth prior to 1.12.3 and 1.13.x prior to 1.13.1 allow remote malicious users to obtain sensitive information via vectors related to inclusion of...
Wesnoth Battle For Wesnoth
Wesnoth Battle For Wesnoth 1.13.0
Fedoraproject Fedora 21
Fedoraproject Fedora 22
3.1
CVSSv3
CVE-2015-5070
The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in filesystem_boost.cpp in Battle for Wesnoth prior to 1.12.4 and 1.13.x prior to 1.13.1, when a case-insensitive filesystem is used, allow remote malicious users to obtain sensitive in...
Wesnoth Battle For Wesnoth
Wesnoth Battle For Wesnoth 1.13.0
Fedoraproject Fedora 21
Fedoraproject Fedora 22
NA
CVE-2015-0844
The WML/Lua API in Battle for Wesnoth 1.7.x up to and including 1.11.x and 1.12.x prior to 1.12.2 allows remote malicious users to read arbitrary files via a crafted (1) campaign or (2) map file.
Wesnoth Battle For Wesnoth 1.7.0
Wesnoth Battle For Wesnoth 1.7.13-1.8
Wesnoth Battle For Wesnoth 1.7.14-1.8
Wesnoth Battle For Wesnoth 1.7.15-1.8
Wesnoth Battle For Wesnoth 1.8.0
Wesnoth Battle For Wesnoth 1.9.0
Wesnoth Battle For Wesnoth 1.9.13
Wesnoth Battle For Wesnoth 1.9.14
Wesnoth Battle For Wesnoth 1.10.0
Wesnoth Battle For Wesnoth 1.11.0
Wesnoth Battle For Wesnoth 1.11.14
Wesnoth Battle For Wesnoth 1.11.15
Wesnoth Battle For Wesnoth 1.11.16
Wesnoth Battle For Wesnoth 1.11.17
Wesnoth Battle For Wesnoth 1.7.5
Wesnoth Battle For Wesnoth 1.7.6
Wesnoth Battle For Wesnoth 1.7.7
Wesnoth Battle For Wesnoth 1.7.8
Wesnoth Battle For Wesnoth 1.9.5
Wesnoth Battle For Wesnoth 1.9.6
Wesnoth Battle For Wesnoth 1.9.7
Wesnoth Battle For Wesnoth 1.9.8
NA
CVE-2009-0878
The read_game_map function in src/terrain_translation.cpp in Wesnoth before r32987 allows remote malicious users to cause a denial of service (memory consumption and daemon hang) via a map with a large (1) width or (2) height.
Wesnoth Wesnoth 1.4.2
Wesnoth Wesnoth 1.4.1
Wesnoth Wesnoth 1.3.3
Wesnoth Wesnoth 1.3.16
Wesnoth Wesnoth 1.2.8
Wesnoth Wesnoth 1.2.7
Wesnoth Wesnoth 1.2.1
Wesnoth Wesnoth 1.2
Wesnoth Wesnoth 1.1.7
Wesnoth Wesnoth 1.1.8
Wesnoth Wesnoth 1.1.3
Wesnoth Wesnoth 1.1.4
Wesnoth Wesnoth 1.0rcl
Wesnoth Wesnoth 1.1
Wesnoth Wesnoth 0.8.6
Wesnoth Wesnoth 0.8.5
Wesnoth Wesnoth 0.8.1
Wesnoth Wesnoth 0.8
Wesnoth Wesnoth 0.7.11
Wesnoth Wesnoth 0.6.99.1
Wesnoth Wesnoth 0.6.99.5
Wesnoth Wesnoth 0.6.99.4
NA
CVE-2009-0366
The uncompress_buffer function in src/server/simple_wml.cpp in Wesnoth before r33069 allows remote malicious users to cause a denial of service via a large compressed WML document.
Wesnoth Wesnoth 1.2.7
Wesnoth Wesnoth 1.2.6
Wesnoth Wesnoth 1.5.4
Wesnoth Wesnoth 1.5.3
Wesnoth Wesnoth 1.4.3
Wesnoth Wesnoth 1.4.4
Wesnoth Wesnoth 1.4.5
Wesnoth Wesnoth 1.3.12
Wesnoth Wesnoth 1.3.13
Wesnoth Wesnoth
Wesnoth Wesnoth 1.1.12
Wesnoth Wesnoth 1.1.3
Wesnoth Wesnoth 1.1.4
Wesnoth Wesnoth 1.1.10
Wesnoth Wesnoth 1.2.2
Wesnoth Wesnoth 1.2.5
Wesnoth Wesnoth 1.5.8
Wesnoth Wesnoth 1.5.7
Wesnoth Wesnoth 1.5.0
Wesnoth Wesnoth 1.4
Wesnoth Wesnoth 1.3.8
Wesnoth Wesnoth 1.3.9
NA
CVE-2009-0367
The Python AI module in Wesnoth 1.4.x and 1.5 prior to 1.5.11 allows remote malicious users to escape the sandbox and execute arbitrary code by using a whitelisted module that imports an unsafe module, then using a hierarchical module name to access the unsafe module through the ...
Wesnoth Wesnoth 1.4
Wesnoth Wesnoth 1.4.7
Wesnoth Wesnoth 1.5.0
Wesnoth Wesnoth 1.5.1
Wesnoth Wesnoth 1.5.8
Wesnoth Wesnoth 1.5.9
Wesnoth Wesnoth 1.4.6
Wesnoth Wesnoth 1.4.5
Wesnoth Wesnoth 1.5.2
Wesnoth Wesnoth 1.5.3
Wesnoth Wesnoth 1.5.10
Wesnoth Wesnoth 1.4.4
Wesnoth Wesnoth 1.4.3
Wesnoth Wesnoth 1.5.4
Wesnoth Wesnoth 1.5.5
Wesnoth Wesnoth 1.4.2
Wesnoth Wesnoth 1.4.1
Wesnoth Wesnoth 1.5.6
Wesnoth Wesnoth 1.5.7
1 EDB exploit
NA
CVE-2007-6201
Unspecified vulnerability in Wesnoth 1.2.x prior to 1.2.8, and 1.3.x prior to 1.3.12, allows malicious users to cause a denial of service (hang) via a "faulty add-on" and possibly execute other commands via unknown vectors related to the turn_cmd option.
Wesnoth Wesnoth 1.2.6
Wesnoth Wesnoth 1.2.3
Wesnoth Wesnoth 1.2.4
Wesnoth Wesnoth 1.3.7
Wesnoth Wesnoth 1.3.6
Wesnoth Wesnoth 1.2.5
Wesnoth Wesnoth 1.3.1
Wesnoth Wesnoth 1.3.5
Wesnoth Wesnoth 1.3.4
Wesnoth Wesnoth 1.2.7
Wesnoth Wesnoth 1.2
Wesnoth Wesnoth 1.3.10
Wesnoth Wesnoth 1.3.11
Wesnoth Wesnoth 1.3.3
Wesnoth Wesnoth 1.3.2
Wesnoth Wesnoth 1.2.1
Wesnoth Wesnoth 1.2.2
Wesnoth Wesnoth 1.3.9
Wesnoth Wesnoth 1.3.8
NA
CVE-2007-5742
Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x prior to 1.2.8, and 1.3.x prior to 1.3.12, allows remote malicious users to read arbitrary files via ".." sequences in unknown vectors.
Wesnoth Wesnoth 0.2.1
Wesnoth Wesnoth 0.4.1
Wesnoth Wesnoth 0.4.2
Wesnoth Wesnoth 0.5.1
Wesnoth Wesnoth 0.6
Wesnoth Wesnoth 0.7
Wesnoth Wesnoth 0.7.1
Wesnoth Wesnoth 0.7.6
Wesnoth Wesnoth 0.7.7
Wesnoth Wesnoth 0.8.3
Wesnoth Wesnoth 0.8.4
Wesnoth Wesnoth 0.9.1
Wesnoth Wesnoth 0.9.2
Wesnoth Wesnoth 1.1
Wesnoth Wesnoth 1.1.1
Wesnoth Wesnoth 1.1.10
Wesnoth Wesnoth 1.1.4
Wesnoth Wesnoth 1.1.5
Wesnoth Wesnoth 1.2.2
Wesnoth Wesnoth 1.2.3
Wesnoth Wesnoth 0.3.2
Wesnoth Wesnoth 0.3.3
NA
CVE-2007-3917
The multiplayer engine in Wesnoth 1.2.x prior to 1.2.7 and 1.3.x prior to 1.3.9 allows remote servers to cause a denial of service (crash) via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught excep...
Wesnoth Wesnoth 1.2.6
Wesnoth Wesnoth 1.3.7
Wesnoth Wesnoth 1.3.6
Wesnoth Wesnoth 1.2.3
Wesnoth Wesnoth 1.2.2
Wesnoth Wesnoth 1.2.1
Wesnoth Wesnoth 1.3.3
Wesnoth Wesnoth 1.3.2
Wesnoth Wesnoth 1.2.5
Wesnoth Wesnoth 1.2.4
Wesnoth Wesnoth 1.3.5
Wesnoth Wesnoth 1.3.4
Wesnoth Wesnoth 1.2
Wesnoth Wesnoth 1.3.8
Wesnoth Wesnoth 1.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started