Skip to main content
CVE-2018-5208 CRITICAL PATCH Act Now

In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Irssi Debian Linux
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-5206 CRITICAL PATCH Act Now

When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2018-5207 HIGH PATCH This Week

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2018-5205 HIGH PATCH This Week

When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy