Vulnerabilities > Atheme > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2017-6384 | Missing Release of Resource after Effective Lifetime vulnerability in Atheme 7.2.7 Memory leak in the login_user function in saslserv/main.c in saslserv/main.so in Atheme 7.2.7 allows a remote unauthenticated attacker to consume memory and cause a denial of service. | 7.5 |
| 2016-06-13 | CVE-2016-4478 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in the xmlrpc_char_encode function in modules/transport/xmlrpc/xmlrpclib.c in Atheme before 7.2.7 allows remote attackers to cause a denial of service via vectors related to XMLRPC response encoding. | 7.5 |
| 2016-06-13 | CVE-2014-9773 | Improper Access Control vulnerability in multiple products modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS behavior by registering and dropping the (1) LIST, (2) CLEAR, or (3) MODIFY keyword nicks. | 7.5 |