Vulnerabilities > Irssi > Irssi > 0.7.24

DATE CVE VULNERABILITY TITLE RISK
2017-03-03 CVE-2017-5194 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
network
low complexity
irssi debian CWE-416
7.5
7.5
2017-03-03 CVE-2017-5193 NULL Pointer Dereference vulnerability in multiple products
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
network
low complexity
irssi debian CWE-476
7.5
7.5
2016-09-27 CVE-2016-7045 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string.
network
low complexity
irssi debian canonical CWE-119
7.5
7.5
2016-09-27 CVE-2016-7044 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code.
network
low complexity
irssi debian canonical CWE-119
7.5
7.5