Skip to main content

Hexchat

3 CVEs product

Monthly

CVE-2016-2233 HIGH POC THREAT Act Now

Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.4%.

Buffer Overflow Denial Of Service Hexchat
NVD Exploit-DB VulDB
CVSS 3.0
7.5
EPSS
14.4%
CVE-2016-2087 HIGH POC THREAT Act Now

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 13.0%.

Path Traversal Hexchat
NVD Exploit-DB VulDB
CVSS 3.0
7.4
EPSS
13.0%
CVE-2013-7449 MEDIUM This Month

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Xchat Xchat Gnome Hexchat
NVD GitHub
CVSS 3.0
6.5
EPSS
0.1%
EPSS 14% CVSS 7.5
HIGH POC THREAT Act Now

Stack-based buffer overflow in the inbound_cap_ls function in common/inbound.c in HexChat 2.10.2 allows remote IRC servers to cause a denial of service (crash) via a large number of options in a CAP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 14.4%.

Buffer Overflow Denial Of Service Hexchat
NVD Exploit-DB VulDB
EPSS 13% CVSS 7.4
HIGH POC THREAT Act Now

Directory traversal vulnerability in the client in HexChat 2.11.0 allows remote IRC servers to read or modify arbitrary files via a .. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 13.0%.

Path Traversal Hexchat
NVD Exploit-DB VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

The ssl_do_connect function in common/server.c in HexChat before 2.10.2, XChat, and XChat-GNOME does not verify that the server hostname matches a domain name in the X.509 certificate, which allows. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ubuntu Linux Xchat +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy