Vulnerabilities > Irssi

DATE CVE VULNERABILITY TITLE RISK
2017-07-07 CVE-2017-10965 NULL Pointer Dereference vulnerability in Irssi
An issue was discovered in Irssi before 1.0.4.
network
low complexity
irssi CWE-476
7.5
2017-06-07 CVE-2017-9469 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory.
network
low complexity
irssi debian CWE-119
5.0
2017-06-07 CVE-2017-9468 NULL Pointer Dereference vulnerability in multiple products
In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer.
network
low complexity
irssi debian CWE-476
5.0
2017-03-27 CVE-2017-7191 Use After Free vulnerability in Irssi
The netjoin processing in Irssi 1.x before 1.0.2 allows attackers to cause a denial of service (use-after-free) and possibly execute arbitrary code via unspecified vectors.
network
low complexity
irssi CWE-416
7.5
2017-03-03 CVE-2017-5356 Out-of-bounds Read vulnerability in multiple products
Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]).
network
low complexity
irssi debian CWE-125
5.0
2017-03-03 CVE-2017-5196 Out-of-bounds Read vulnerability in Irssi 0.8.18/0.8.19/0.8.20
Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8.
network
low complexity
irssi CWE-125
5.0
2017-03-03 CVE-2017-5195 Out-of-bounds Read vulnerability in Irssi
Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code.
network
low complexity
irssi CWE-125
5.0
2017-03-03 CVE-2017-5194 Use After Free vulnerability in multiple products
Use-after-free vulnerability in Irssi before 0.8.21 allows remote attackers to cause a denial of service (crash) via an invalid nick message.
network
low complexity
irssi debian CWE-416
5.0
2017-03-03 CVE-2017-5193 NULL Pointer Dereference vulnerability in multiple products
The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick.
network
low complexity
irssi debian CWE-476
5.0
2017-02-27 CVE-2016-7553 Permission Issues vulnerability in Irssi Buf.Pl 2.13
The buf.pl script before 2.20 in Irssi before 0.8.20 uses weak permissions for the scrollbuffer dump file created between upgrades, which might allow local users to obtain sensitive information from private chat conversations by reading the file.
local
low complexity
irssi CWE-275
3.3