Vulnerabilities > Irssi > Irssi > 0.7.98.2

DATE CVE VULNERABILITY TITLE RISK
2018-02-15 CVE-2018-7054 Use After Free vulnerability in multiple products
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1.
network
low complexity
irssi canonical debian CWE-416
7.5
7.5
2018-02-15 CVE-2018-7053 Use After Free vulnerability in multiple products
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1.
network
low complexity
irssi debian canonical CWE-416
7.5
7.5
2018-02-15 CVE-2018-7052 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1.
network
low complexity
irssi canonical debian CWE-476
5.0
5.0
2018-02-15 CVE-2018-7051 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1.
network
low complexity
irssi debian canonical CWE-125
5.0
5.0
2018-02-15 CVE-2018-7050 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1.
network
low complexity
irssi debian canonical CWE-476
5.0
5.0
2018-01-06 CVE-2018-5208 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
network
low complexity
irssi debian CWE-119
7.5
7.5
2018-01-06 CVE-2018-5207 Use of Externally-Controlled Format String vulnerability in multiple products
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.
network
low complexity
irssi debian CWE-134
5.0
5.0
2018-01-06 CVE-2018-5206 NULL Pointer Dereference vulnerability in multiple products
When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
network
low complexity
irssi debian CWE-476
7.5
7.5
2018-01-06 CVE-2018-5205 Use of Externally-Controlled Format String vulnerability in multiple products
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
network
low complexity
irssi debian canonical CWE-134
5.0
5.0
2017-10-22 CVE-2017-15723 NULL Pointer Dereference vulnerability in multiple products
In Irssi before 1.0.5, overlong nicks or targets may result in a NULL pointer dereference while splitting the message.
network
low complexity
irssi debian CWE-476
5.0
5.0