CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-88252e4f80 advisory. - add command /item to create custom bar items - add bar item spacer - add case conversion in evaluation of expressions with lower:string and upper:string -...

5.7AI score

Exploits0References1

CNNVD•added 2022/04/02 12:0 a.m.•2 views

WeeChat 信任管理问题漏洞

WeeChat is a scalable live chat client application. A security vulnerability exists in WeeChat versions 3.2 through 3.4 that stems from not properly validating the server's TLS certificate, which could allow an attacker to spoof a TLS chat server with an arbitrary certificate after certain GnuTLS...

4.8CVSS5.4AI score0.00135EPSS

Exploits1References3

CNNVD•added 2021/09/05 12:0 a.m.•1 views

WeeChat 缓冲区错误漏洞

A security vulnerability in WeeChat, an extensible live chat client application, stems from the fact that WeeChat before version 3.2.1 allows remote attackers to trigger, via a crafted WebSocket framework, an out-of-bounds read, resulting in a denial of service crash. No detailed vulnerability...

7.5CVSS5.6AI score0.00975EPSS

Exploits0References6

OSV•added 2017/10/13 7:33 p.m.•3 views

MGASA-2017-0369 Updated weechat packages fix security vulnerability

It was discovered that logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized CVE-2017-14727...

7.5CVSS7.4AI score0.00654EPSS

Exploits0References5

OSV•added 2017/04/23 3:59 p.m.•1 views

ALPINE-CVE-2017-8073

WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the ircctcpdccfilenamewithoutquotes function during quote removal, with a buffer overflow...

7.5CVSS7.3AI score0.01882EPSS

Exploits0References1

OSV•added 2012/11/19 12:10 p.m.•2 views

CVE-2012-5854

Heap-based buffer overflow in WeeChat 0.3.6 through 0.3.9 allows remote attackers to cause a denial of service crash or hang and possibly execute arbitrary code via crafted IRC colors that are not properly decoded...

8AI score

Exploits0References13

OSV•added 2011/03/16 10:55 p.m.•4 views

CVE-2011-1428

Wee Enhanced Environment for Chat aka WeeChat 0.3.4 and earlier does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL chat server via an arbitrary certificate, related to incorrect...

6.3AI score

Exploits0References6

OSV•added 2009/03/19 10:30 a.m.•4 views

CVE-2009-0661

Wee Enhanced Environment for Chat WeeChat 0.2.6 allows remote attackers to cause a denial of service crash via an IRC PRIVMSG command containing crafted color codes that trigger an out-of-bounds read...

6.5AI score

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by