Quassel-irc Quassel
9 CVEs affecting Quassel-irc Quassel. Latest disclosed: 2021-06-17. Critical: 1, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-1000178 | Critical | 9.8 | 2018-05-08 | A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer… |
CVE-2021-34825 | High | 7.5 | 2021-06-17 | Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system. |
CVE-2018-1000179 | High | 7.5 | 2018-05-08 | A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp li… |
CVE-2016-4414 | High | 7.5 | 2016-06-13 | The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference an… |
CVE-2015-8547 | High | 7.5 | 2016-01-08 | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application… |
CVE-2015-3427 | | 2015-05-14 | Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct… | |
CVE-2015-2779 | | 2015-04-10 | Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontr… | |
CVE-2015-2778 | | 2015-04-10 | Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a lon… | |
CVE-2011-3354 | | 2011-10-04 | The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Cl… |