Known Vulnerabilities for products from Quassel-irc
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Quassel-irc".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-34825 | Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is n... | 7.5 - HIGH | 2021-06-17 | 2023-11-07 |
| CVE-2018-1000179 | A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const ... | 7.5 - HIGH | 2018-05-08 | 2020-10-26 |
| CVE-2018-1000178 | A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(cons... | 9.8 - CRITICAL | 2018-05-08 | 2020-10-26 |
| CVE-2016-4414 | The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of se... | 7.5 - HIGH | 2016-06-13 | 2018-10-30 |
| CVE-2015-8547 | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause... | 7.5 - HIGH | 2016-01-08 | 2018-10-30 |
| CVE-2015-3427 | Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which a... | 7.5 - HIGH | 2015-05-14 | 2016-12-06 |
| CVE-2015-2779 | Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to ... | 5 - MEDIUM | 2015-04-10 | 2016-12-03 |
| CVE-2015-2778 | Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a d... | 5 - MEDIUM | 2015-04-10 | 2016-12-03 |
| CVE-2014-8483 | The blowfishECB function in core/cipher.cpp in Quassel IRC 0.10.0 allows remote attackers to cause a denial of service (out-o... | 5 - MEDIUM | 2014-11-06 | 2018-10-30 |
| CVE-2013-6404 | Quassel core (server daemon) in Quassel IRC before 0.9.2 does not properly verify the user ID when accessing user backlogs, w... | 4 - MEDIUM | 2013-12-09 | 2017-08-29 |
| CVE-2013-4422 | SQL injection vulnerability in Quassel IRC before 0.9.1, when Qt 4.8.5 or later and PostgreSQL 8.2 or later are used, allows ... | 6.8 - MEDIUM | 2013-10-23 | 2021-06-16 |
| CVE-2011-3354 | The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial o... | 5 - MEDIUM | 2011-10-04 | 2017-08-29 |
| CVE-2010-3443 | ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a denial of service (unrespon... | 5 - MEDIUM | 2013-11-23 | 2023-02-13 |
Known software with vulnerabilities from Quassel-irc
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Quassel-irc | Quassel | 0.1.0 |
| Application | Quassel-irc | Quassel Irc | 0.1.0 |