Skip to main content

Irssi

30 CVEs product

Monthly

CVE-2023-29132 MEDIUM This Month

Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Irssi
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2019-15717 CRITICAL Act Now

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Irssi Ubuntu Linux
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2019-13045 HIGH PATCH This Week

Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Use After Free Memory Corruption Irssi
NVD GitHub
CVSS 3.0
8.1
EPSS
3.3%
CVE-2019-5882 CRITICAL PATCH Act Now

Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free Memory Corruption Irssi Ubuntu Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2018-7054 CRITICAL Act Now

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free Irssi Ubuntu Linux +1
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-7053 CRITICAL Act Now

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free Irssi Debian Linux +1
NVD
CVSS 3.0
9.8
EPSS
2.5%
CVE-2018-7052 HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Microsoft Denial Of Service Irssi Ubuntu Linux +1
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-7051 HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-7050 HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-5208 CRITICAL PATCH Act Now

In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Irssi Debian Linux
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-5207 HIGH PATCH This Week

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2018-5206 CRITICAL PATCH Act Now

When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2018-5205 HIGH PATCH This Week

When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2017-15723 HIGH PATCH This Week

In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2017-15722 MEDIUM PATCH This Month

In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
5.9
EPSS
0.7%
CVE-2017-15721 HIGH PATCH This Week

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2017-15228 HIGH PATCH This Week

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-15227 HIGH PATCH This Week

Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-10966 CRITICAL PATCH Act Now

An issue was discovered in Irssi before 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure Irssi
NVD GitHub
CVSS 3.0
9.8
EPSS
0.8%
CVE-2017-10965 CRITICAL PATCH Act Now

An issue was discovered in Irssi before 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2017-9469 HIGH PATCH This Week

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2017-9468 HIGH PATCH This Week

In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2017-7191 CRITICAL PATCH Act Now

The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free RCE Irssi
NVD GitHub
CVSS 3.0
9.8
EPSS
2.6%
CVE-2017-5356 HIGH POC PATCH This Week

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2017-5196 HIGH PATCH This Week

Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-5195 HIGH PATCH This Week

Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Irssi
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-5194 HIGH PATCH This Week

Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2017-5193 HIGH PATCH This Week

The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2016-7045 HIGH POC This Week

The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2016-7044 HIGH POC This Week

The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
1.9%
EPSS 1% CVSS 5.3
MEDIUM This Month

Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +2
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Denial Of Service Use After Free Memory Corruption +1
NVD GitHub
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Use After Free Memory Corruption +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Use After Free +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Microsoft Denial Of Service +3
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Irssi +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Irssi +2
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Irssi Debian Linux
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux
NVD
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Irssi Debian Linux +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi +1
NVD
EPSS 1% CVSS 5.9
MEDIUM PATCH This Month

In certain cases, Irssi before 1.0.5 may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Irssi before 1.0.5, certain incorrectly formatted DCC CTCP messages could cause a NULL pointer dereference. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi +1
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Irssi before 1.0.5, when installing themes with unterminated colour formatting sequences, may access data beyond the end of the string. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Irssi
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Irssi before 1.0.5, while waiting for the channel synchronisation, may incorrectly fail to remove destroyed channels from the query list, resulting in use-after-free conditions when updating the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure +1
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Irssi before 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Use After Free Information Disclosure +1
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

An issue was discovered in Irssi before 1.0.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi
NVD GitHub
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Irssi Debian Linux
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Irssi +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +2
NVD GitHub
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure +1
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Denial Of Service Memory Corruption Use After Free +2
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Null Pointer Dereference Denial Of Service Irssi +1
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi +2
NVD
EPSS 2% CVSS 7.5
HIGH POC This Week

The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Irssi +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy