Ioquake3
Monthly
Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.
Buffer overflow in ioquake3 before 2017-08-02 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.