Skip to main content

Quassel Irc

3 CVEs product

Monthly

CVE-2014-8483 MEDIUM PATCH This Month

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Information Disclosure Buffer Overflow Ubuntu Linux Debian Linux +2
NVD GitHub
CVSS 2.0
5.0
EPSS
3.2%
CVE-2013-6404 MEDIUM POC PATCH This Month

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation PostgreSQL Quassel Irc
NVD GitHub
CVSS 2.0
4.0
EPSS
0.4%
CVE-2013-4422 MEDIUM This Month

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

SQLi PostgreSQL Quassel Irc
NVD
CVSS 2.0
6.8
EPSS
0.7%
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Information Disclosure Buffer Overflow +4
NVD GitHub
EPSS 0% CVSS 4.0
MEDIUM POC PATCH This Month

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Privilege Escalation PostgreSQL Quassel Irc
NVD GitHub
EPSS 1% CVSS 6.8
MEDIUM This Month

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

SQLi PostgreSQL Quassel Irc
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy