CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. CVE-2024-39844 Note that Nessus relies on the presence of the package as reported by...

9.8CVSS9.2AI score0.37139EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 12:33 p.m.•2 views

CVE-2010-2488

NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections...

7.5CVSS6.9AI score0.01309EPSS

Exploits1References1

Tenable Nessus•added 2024/11/14 12:0 a.m.•5 views

Fedora 41 : znc / znc-clientbuffer / znc-push (2024-1c078a4771)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-1c078a4771 advisory. Fix CVE-2024-39844 https://wiki.znc.in/ChangeLog/1.9.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

9.8CVSS5.4AI score0.37139EPSS

Exploits0References2

OSV•added 2024/07/03 5:15 p.m.•11 views

CVE-2024-39844

In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...

9.8CVSS7.6AI score

Exploits0References5

Positive Technologies•added 2024/07/03 12:0 a.m.•3 views

PT-2024-28697 · Znc +2 · Znc +2

Name of the Vulnerable Software and Affected Versions: ZNC versions prior to 1.9.1 Description: The issue allows for remote code execution in the modtcl module of ZNC, which can be triggered through a prepared kick message. Recommendations: For versions prior to 1.9.1, update to version 1.9.1 or...

9.8CVSS7.8AI score0.37139EPSS

Exploits0References31

CNNVD•added 2024/07/03 12:0 a.m.•0 views

ZNC Security Vulnerabilities

ZNC is ZNC's open source set of IRC proxies that allow users to log in to IRC servers from their workstations. A security vulnerability exists in ZNC versions prior to 1.9.1, which stems from a remote code execution that can be performed in modtcl via KICK...

9.8CVSS7.9AI score0.37139EPSS

Exploits0References7

FreeBSD•added 2024/07/03 12:0 a.m.•11 views

znc -- remote code execution vulnerability

Mitre reports: In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...

9.8CVSS8.2AI score0.37139EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:25 a.m.•3 views

SUSE CVE-2014-9403

The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service NULL pointer dereference and crash by adding a channel with the same name as an existing channel but without the leading character, related to a...

4CVSS6.6AI score0.01087EPSS

Exploits0References3

Prion•added 2020/06/02 11:15 p.m.•12 views

Null pointer dereference

ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash with a NULL pointer dereference if echo-message is not enabled and there is no network...

3.5CVSS6.2AI score0.01008EPSS

Exploits0References4Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by