Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Quassel-ircQuassel

9 matches found

CVE
CVEadded 2018/05/08 3:29 p.m.84 views

CVE-2018-1000179

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.

7.5CVSS8AI score0.00564EPSS
CVE
CVEadded 2018/05/08 3:29 p.m.82 views

CVE-2018-1000178

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.

9.8CVSS9.5AI score0.01125EPSS
CVE
CVEadded 2021/06/17 2:15 p.m.71 views

CVE-2021-34825

Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on the local system.

7.5CVSS7.2AI score0.00124EPSS
CVE
CVEadded 2015/04/10 3:0 p.m.60 views

CVE-2015-2778

Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of service (crash) via a long CTCP query containing only multibyte characters.

5CVSS6.6AI score0.01612EPSS
CVE
CVEadded 2015/05/14 2:59 p.m.56 views

CVE-2015-3427

Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote attackers to conduct SQL injection attacks via a \ (backslash) in a message. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4422.

7.5CVSS7.4AI score0.00671EPSS
CVE
CVEadded 2015/04/10 3:0 p.m.53 views

CVE-2015-2779

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service (uncontrolled recursion) via a crafted massage.

5CVSS6.3AI score0.01703EPSS
CVE
CVEadded 2016/06/13 7:59 p.m.51 views

CVE-2016-4414

The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via invalid handshake data.

7.5CVSS7.1AI score0.02898EPSS
CVE
CVEadded 2016/01/08 7:59 p.m.45 views

CVE-2015-8547

The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query.

7.5CVSS7.2AI score0.02362EPSS
CVE
CVEadded 2011/10/04 10:55 a.m.38 views

CVE-2011-3354

The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service (crash) via a crafted Client-To-Client Protocol (CTCP) request, as demonstrated in the wild in September 2011.

5CVSS6.3AI score0.01621EPSS