PT-2026-26687

Halloy is an IRC application written in Rust. Prior to commit 0f77b2cfc5f822517a256ea5a4b94bad8bfe38b6, the DCC receive flow did not sanitize filenames from incoming DCC SEND requests. A remote IRC user could send a filename with path traversal sequences like ../../.ssh/authorized keys and the fi...

CVE-2025-64125 Nuvation Energy nCloud Client-to-Client Communication

A vulnerability in Nuvation Energy nCloud VPN Service allowed Network Boundary Bridging.This issue affected the nCloud VPN Service and was fixed on 2025-12-1 December, 2025. End users do not have to take any action to mitigate the issue...

CVE-2025-64125

Observation: CVE-2025-64125 affects Nuvation Energy nCloud VPN Service and enables Network Boundary Bridging. The issue is confirmed in multiple feeds (NVD/Red Hat) and is fixed as of 2025-12-01; end users did not need to take mitigation action. The available metrics indicate a high-severity impa...

CVE-2025-64123 Nuvation Energy Multi-Stack Controller Proxy service allows arbitrary BMS access

Unintended Proxy or Intermediary vulnerability in Nuvation Energy Multi-Stack Controller MSC allows Network Boundary Bridging.This issue affects Multi-Stack Controller MSC: through and including release 2.5.1...

SUSE CVE-2011-3354

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service crash via a crafted Client-To-Client Protocol CTCP request, as demonstrated in the wild in September 2011...

SUSE CVE-2014-1690

The help function in net/netfilter/nfnatirc.c in the Linux kernel before 3.12.8 allows remote attackers to obtain sensitive information from kernel memory by establishing an IRC DCC session in which incorrect packet data is transmitted during use of the NAT mangle feature...

CVE-2022-36990

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from...

Irssi Null Pointer Dereference Vulnerability

Irssi is an IRC client program with a text user interface, released under the GPL. A security vulnerability exists in versions of Irssi prior to 1.0.5 that stems from the program failing to properly format DCC CTCP messages. A remote attacker could exploit this vulnerability to cause a denial of...

DEBIAN-CVE-2017-15721

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468...

UBUNTU-CVE-2017-15721

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. This is a separate, but similar, issue relative to CVE-2017-9468...

MSN Messenger 6.2.0137 PNG Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12506/info A remotely exploitable buffer overflow exists in MSN Messenger and Windows Messenger. This vulnerability is related to parsing of Portable Network Graphics PNG image header data. Successful exploitation will...

DEBIAN-CVE-2010-3443

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service unresponsive IRC via multiple Client-To-Client Protocol CTCP requests in a PRIVMSG message...

CVE-2010-3443

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service unresponsive IRC via multiple Client-To-Client Protocol CTCP requests in a PRIVMSG message...

Design/Logic Flaw

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service unresponsive IRC via multiple Client-To-Client Protocol CTCP requests in a PRIVMSG message...

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow

Microsoft MSN Messenger 6.2.0137 - .png Remote Buffer Overflow // source: https://www.securityfocus.com/bid/12506/info A remotely exploitable buffer overflow exists in MSN Messenger and Windows Messenger. This vulnerability is related to parsing of Portable Network Graphics PNG image header data...

Microsoft MSN Messenger 6.2.0137 - '.png' Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/12506/info A remotely exploitable buffer overflow exists in MSN Messenger and Windows Messenger. This vulnerability is related to parsing of Portable Network Graphics PNG image header data. Successful exploitation will result in execution of arbitrary...

Multiple web-based email services fail to filter malicious characters when the message contains cascading style sheet character escaping

Overview An attacker can send a specially crafted email message to a victim containing malicious scripting JavaScript, VBScript, JScript, etc., active content, or potentially HTML. When a victim views the message with scripting enabled, the victim's browser will then interpret this javascript whi...

CVE-2002-0314

fasttrack p2p, as used in 1 KaZaA before 1.5, 2 grokster, and 3 morpheus allows remote attackers to cause a denial of service memory exhaustion via a series of client-to-client messages, which pops up new windows per message...

Web-based email services filtering systems vulnerable to malicous script execution

Overview An attacker can send a specially crafted email message to a victim containing malicious scripting JavaScript, VBScript, JScript, etc., or potentially HTML. When a victim views the message with scripting enabled, the victim's browser will then interpret this javascript which can lead to...