Lucene search
K

7 matches found

OSV
OSV
added 2020/10/20 6:56 p.m.2 views

USN-4594-1 quassel vulnerabilities

It was discovered that Quassel incorrectly handled Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2018-1000178 It was discovered that Quassel incorrectly handled certain login requests. A remote attacker could possibly use this issue to cause ...

9.8CVSS7.5AI score0.03978EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2020/10/20 12:0 a.m.24 views

Ubuntu 18.04 LTS : Quassel vulnerabilities (USN-4594-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4594-1 advisory. It was discovered that Quassel incorrectly handled Qdatastream protocol. A remote attacker could possibly use this issue to execute arbitrary code...

9.8CVSS8.6AI score0.03978EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2018/06/14 12:0 a.m.31 views

GLSA-201806-04 : Quassel: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201806-04 Quassel: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Quassel. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause arbitrary code execution ...

9.8CVSS8.8AI score0.03978EPSS
Exploits2References3
Mageia
Mageia
added 2018/05/16 8:24 a.m.26 views

Updated quassel packages fix security vulnerabilities

A heap corruption exists in quassel version 0.12.4 in quasselcore that allows an attacker to execute code remotely CVE-2018-1000178. A NULL Pointer Dereference exists in quassel version 0.12.4 in the quasselcore that allows an atacker to denial of service by attempting a login when the database i...

9.8CVSS5.5AI score0.03978EPSS
Exploits2References3
OSV
OSV
added 2018/05/08 3:29 p.m.1 views

UBUNTU-CVE-2018-1000178

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp line 62 that allows an attacker to execute code remotely...

9.8CVSS5.9AI score0.03978EPSS
Exploits1References6
OSV
OSV
added 2018/05/08 3:29 p.m.20 views

CVE-2018-1000178

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessageconst QByteArray &msg datastreampeer.cpp line 62 that allows an attacker to execute code remotely...

9.8CVSS9.9AI score0.03978EPSS
Exploits1References6
CVE
CVE
added 2018/05/08 3:0 p.m.94 views

CVE-2018-1000178

Quassel Core vulnerability CVE-2018-1000178 involves a heap corruption (CWE-120) in DataStreamPeer::processMessage inside quasselcore on version 0.12.4, enabling remote code execution by an attacker. Public advisories (Mageia GLSA-201806-04) note that Quassel users should upgrade to 0.12.5 to add...

9.8CVSS9.5AI score0.03978EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder