CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in...

6.5CVSS6.6AI score0.00171EPSS

Exploits0References2

OSV•added 2024/09/15 2:36 p.m.•11 views

RHSA-2004:585 Red Hat Security Advisory: xchat security update

Bulletin has no description...

7.5CVSS6.1AI score0.30771EPSS

Exploits0References10

Tenable Nessus•added 2024/06/03 12:0 a.m.•25 views

RHEL 7 : xchat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xchat/hexchat: does not verify the server hostname matches the domain name in the subject's Common Name CN or...

6.5CVSS6.5AI score0.00171EPSS

Exploits0References1

Tenable Nessus•added 2024/06/03 12:0 a.m.•19 views

RHEL 5 : xchat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xchat: untrusted python modules search path CVE-2009-0315 - xchat/hexchat: does not verify the server...

6.5CVSS7AI score0.00216EPSS

Exploits1References2

Tenable Nessus•added 2024/06/03 12:0 a.m.•19 views

RHEL 4 : xchat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - xchat: untrusted python modules search path CVE-2009-0315 Note that Nessus has not tested for this issue but has...

6.9CVSS6.6AI score0.00216EPSS

Exploits1References1

Tenable Nessus•added 2024/06/03 12:0 a.m.•18 views

RHEL 6 : xchat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xchat: untrusted python modules search path CVE-2009-0315 - xchat/hexchat: does not verify the server...

6.5CVSS7.7AI score0.00216EPSS

Exploits1References2

Tenable Nessus•added 2023/04/11 12:0 a.m.•26 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : xchat Multiple Vulnerabilities (NS-SA-2023-0021)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has xchat packages installed that are affected by multiple vulnerabilities: - An error within the parserollei function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...

7.8CVSS6.4AI score0.01174EPSS

Exploits1References7

OpenVAS•added 2023/03/08 12:0 a.m.•12 views

Debian: Security Advisory (DLA-1050-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS7.5AI score0.13018EPSS

Exploits5References2

SUSE CVE•added 2023/02/15 6:21 a.m.•3 views

SUSE CVE-2004-0409

Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code...

7.5CVSS8.3AI score0.30771EPSS

Exploits0References3

SUSE CVE•added 2023/02/15 6:5 a.m.•3 views

SUSE CVE-2009-0315

Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

6.9CVSS7.4AI score0.00216EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 5:49 a.m.•1 views

SUSE CVE-2011-5129

Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long response string...

5CVSS8AI score0.31139EPSS

Exploits1References3

SUSE CVE•added 2023/02/15 5:33 a.m.•2 views

SUSE CVE-2013-7449

The ssldoconnect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate...

6.5CVSS7AI score0.00171EPSS

Exploits0References3

Metasploit•added 2021/09/28 5:42 p.m.•89 views

XChat Credential Gatherer

This module searches for XChat credentials on a Windows host. XChat is an IRC chat program for both Linux and Windows. Module Options msf use post/windows/gather/credentials/xchat msf postxchat show actions ...actions... msf postxchat set ACTION msf postxchat show options ...show and set options...

7.1AI score

Exploits0

Rosalinux•added 2021/07/02 6:21 p.m.•16 views

Advisory ROSA-SA-2021-1999

Software: xchat 2.8.8 OS: Cobalt 7.9 CVE-ID: CVE-2011-5129 CVE-Crit: CRITICAL CVE-DESC: Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service failure and possibly execute arbitrary code using a long response string. CVE-STATUS: default CVE-REV:...

5CVSS7.8AI score0.31139EPSS

Exploits1

Metasploit•added 2020/04/22 2:48 p.m.•44 views

Linux Gather HexChat/XChat Enumeration

This module will collect HexChat and XChat's config files and chat logs from the victim's machine. There are three actions you may choose: CONFIGS, CHATS, and ALL. The CONFIGS option can be used to collect information such as channel settings, channel/server passwords, etc. The CHATS option will...

6.8AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by