📦

quassel_irc

Vendor: quassel-irc

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 9 Total Indexed

Avg. EPSS 1.16% Exploit Prob.

Latest CVE CVE-2014-8483 Nov 06

Security Vulnerability Index

Page 1 / 1

5.0 CVSS

CVE-2014-8483

The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a malformed string.

EPSS: 2.34%

Severity: MEDIUM

Nov 06, 2014

4.0 CVSS

CVE-2013-6404

Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, which allows remote authenticated users to read other users' backlogs via the bufferid in (1) 16/select_buffer_by_id.sql, (2) 16/select_buffer_by_id.sql, and (3) 16/select_buffer_by_id.sql in core/SQL/PostgreSQL/.

EPSS: 0.45%

Severity: MEDIUM

Dec 09, 2013

5.0 CVSS

CVE-2010-3443

ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unresponsive IRC) via multiple Client-To-Client Protocol (CTCP) requests in a PRIVMSG message.

EPSS: 1.19%

Severity: MEDIUM

Nov 23, 2013

6.8 CVSS

CVE-2013-4422

SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows remote attackers to execute arbitrary SQL commands via a \ (backslash) in a message.

EPSS: 0.67%

Severity: MEDIUM

Oct 23, 2013

Displaying 4 of 9 Total Entries

Total 1 Sections