Filtered by vendor Irssi
Subscriptions
Filtered by product Irssi
Subscriptions
Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-5193 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| The nickcmp function in Irssi before 0.8.21 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a message without a nick. | ||||
| CVE-2017-5195 | 1 Irssi | 1 Irssi | 2025-04-20 | N/A |
| Irssi 0.8.17 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ANSI x8 color code. | ||||
| CVE-2017-5196 | 1 Irssi | 1 Irssi | 2025-04-20 | 5.9 Medium |
| Irssi 0.8.18 before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via vectors involving strings that are not UTF8. | ||||
| CVE-2017-5356 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2025-04-20 | N/A |
| Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket (]). | ||||
| CVE-2016-7044 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2025-04-12 | N/A |
| The unformat_24bit_color function in the format parsing code in Irssi before 0.8.20, when compiled with true-color enabled, allows remote attackers to cause a denial of service (heap corruption and crash) via an incomplete 24bit color code. | ||||
| CVE-2016-7045 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2025-04-12 | N/A |
| The format_send_to_gui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service (heap corruption and crash) via vectors involving the length of a string. | ||||
| CVE-2010-1156 | 1 Irssi | 1 Irssi | 2025-04-11 | N/A |
| core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an attempted fuzzy nick match at the instant that a victim leaves a channel. | ||||
| CVE-2010-1155 | 1 Irssi | 1 Irssi | 2025-04-11 | N/A |
| Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) field or a Subject Alternative Name field of the X.509 certificate, which allows man-in-the-middle attackers to spoof IRC servers via an arbitrary certificate. | ||||
| CVE-2023-29132 | 1 Irssi | 1 Irssi | 2025-02-06 | 5.3 Medium |
| Irssi 1.3.x and 1.4.x before 1.4.4 has a use-after-free because of use of a stale special collector reference. This occurs when printing of a non-formatted line is concurrent with printing of a formatted line. | ||||
| CVE-2019-5882 | 2 Canonical, Irssi | 2 Ubuntu Linux, Irssi | 2024-11-21 | N/A |
| Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | ||||
| CVE-2019-15717 | 2 Canonical, Irssi | 2 Ubuntu Linux, Irssi | 2024-11-21 | N/A |
| Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends a double CAP. | ||||
| CVE-2019-13045 | 2 Irssi, Redhat | 2 Irssi, Enterprise Linux | 2024-11-21 | N/A |
| Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server. | ||||
| CVE-2018-7054 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-11-21 | N/A |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits. NOTE: this issue exists because of an incomplete fix for CVE-2017-7191. | ||||
| CVE-2018-7053 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-11-21 | N/A |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order. | ||||
| CVE-2018-7052 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-11-21 | N/A |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer dereference would occur. | ||||
| CVE-2018-7051 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-11-21 | N/A |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings. | ||||
| CVE-2018-7050 | 3 Canonical, Debian, Irssi | 3 Ubuntu Linux, Debian Linux, Irssi | 2024-11-21 | N/A |
| An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick. | ||||
| CVE-2018-5208 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | N/A |
| In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | ||||
| CVE-2018-5207 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | N/A |
| When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string. | ||||
| CVE-2018-5206 | 2 Debian, Irssi | 2 Debian Linux, Irssi | 2024-11-21 | N/A |
| When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | ||||