CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code executio...

8.8CVSS8.2AI score0.00425EPSS

Exploits0References2

Microsoft CVE•added 2024/06/30 2:0 p.m.•1 views

The Battle for Wesnoth Project contains a Code Injection that can result in code execution outside the sandbox

...

8.8CVSS8.7AI score0.00425EPSS

Exploits0

OSV•added 2024/06/15 12:0 a.m.•4 views

OPENSUSE-SU-2024:10261-1 wesnoth-1.12.6-1.1 on GA media

These are all security issues fixed in the wesnoth-1.12.6-1.1 package on the GA media of openSUSE Tumbleweed...

5CVSS6.2AI score0.00651EPSS

Exploits0References1

OSV•added 2024/06/15 12:0 a.m.•7 views

OPENSUSE-SU-2024:11509-1 wesnoth-1.15.17-1.3 on GA media

These are all security issues fixed in the wesnoth-1.15.17-1.3 package on the GA media of openSUSE Tumbleweed...

8.8CVSS8.7AI score0.00425EPSS

Exploits0References1

OpenVAS•added 2023/03/08 12:0 a.m.•9 views

Debian: Security Advisory (DLA-202-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.6AI score0.00651EPSS

Exploits0References2

OpenVAS•added 2023/03/08 12:0 a.m.•16 views

Debian: Security Advisory (DLA-297-1)

4.3CVSS4.5AI score0.00671EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 6:11 a.m.•1 views

SUSE CVE-2007-3917

The multiplayer engine in Wesnoth 1.2.x before 1.2.7 and 1.3.x before 1.3.9 allows remote servers to cause a denial of service crash via a long message with multibyte characters that can produce an invalid UTF-8 string after it is truncated, which triggers an uncaught exception, involving the...

7.8CVSS6.9AI score0.02913EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:10 a.m.•1 views

SUSE CVE-2007-5742

Directory traversal vulnerability in the WML engine preprocessor for Wesnoth 1.2.x before 1.2.8, and 1.3.x before 1.3.12, allows remote attackers to read arbitrary files via ".." sequences in unknown vectors...

9CVSS7AI score0.01496EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 5:22 a.m.•1 views

SUSE CVE-2015-0844

The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote attackers to read arbitrary files via a crafted 1 campaign or 2 map file...

5CVSS6.9AI score0.00651EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 4:19 a.m.•1 views

SUSE CVE-2018-1999023

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and play...

8.8CVSS8.8AI score0.00425EPSS

Exploits0References3

OpenVAS•added 2022/01/28 12:0 a.m.•13 views

Mageia: Security Advisory (MGASA-2018-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.7AI score0.00425EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by