CVE-2019-15717 | AVG-1028 | High | Yes | Arbitrary code execution | A use after free was found when receiving a duplicate CAP.
CVE-2019-13045 | AVG-999 | High | Yes | Arbitrary code execution | Irssi 1.0.x before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when SASL is enabled, has a use after free when sending SASL login to the server.
CVE-2019-5882 | AVG-847 | Low | Yes | Denial of service | A use-after-free vulnerability has been found in irssi before 1.1.2, when hidden lines were expired from the scroll buffer.
CVE-2018-7054 | AVG-616 | Low | Yes | Denial of service | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when a server is disconnected during netsplits.
CVE-2018-7053 | AVG-616 | High | Yes | Arbitrary code execution | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free when SASL messages are received in an unexpected order.
CVE-2018-7052 | AVG-616 | Low | Yes | Denial of service | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. When the number of windows exceeds the available space, a crash due to a NULL pointer...
CVE-2018-7051 | AVG-616 | Low | Yes | Denial of service | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. Certain nick names could result in out-of-bounds access when printing theme strings.
CVE-2018-7050 | AVG-616 | Low | Yes | Denial of service | An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. A NULL pointer dereference occurs for an "empty" nick.
CVE-2018-5208 | AVG-575 | Medium | No | Denial of service | In Irssi before 1.0.6 a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
CVE-2018-5207 | AVG-575 | Medium | No | Denial of service | When using an incomplete variable argument, irssi before 1.0.6 may access data beyond the end of the string.
CVE-2018-5206 | AVG-575 | Medium | Yes | Denial of service | When the channel topic is set without specifying a sender, irssi before 1.0.6 may dereference a NULL pointer.
CVE-2018-5205 | AVG-575 | Medium | No | Denial of service | When using incomplete escape codes, irssi before 1.0.6 may access data beyond the end of the string.
CVE-2017-15723 | AVG-461 | Medium | Yes | Denial of service | Overlong nicks or targets may result in a NULL-pointer dereference in Irssi >= 0.8.17 and < 1.0.5 while splitting the message. Most IRC servers typically...
CVE-2017-15722 | AVG-461 | Medium | Yes | Denial of service | In certain cases Irssi may fail to verify that a Safe channel ID is long enough, causing reads beyond the end of the string. To be exploited, this issue...
CVE-2017-15721 | AVG-461 | Medium | Yes | Denial of service | Certain incorrectly formatted DCC CTCP messages could cause NULL-pointer dereference in Irssi < 1.0.5. This is a separate, but similar issue to...
CVE-2017-15228 | AVG-461 | Medium | Yes | Denial of service | When installing themes with unterminated colour formatting sequences, Irssi < 1.0.5 may access data beyond the end of the string.
CVE-2017-15227 | AVG-461 | High | Yes | Arbitrary code execution | While waiting for the channel synchronization, Irssi < 1.0.5 may incorrectly fail to remove destroyed channels from the query list, resulting in...
CVE-2017-10966 | AVG-342 | Critical | Yes | Arbitrary code execution | While updating the internal nick list, Irssi may incorrectly use the GHashTable interface and free the nick while updating it. This will then result in...
CVE-2017-10965 | AVG-342 | Medium | Yes | Denial of service | When receiving messages with invalid time stamps, Irssi would try to dereference a NULL pointer. This requires control over the IRC server, or a position of...
CVE-2017-9469 | AVG-293 | Medium | Yes | Denial of service | In Irssi before 1.0.3, when receiving certain incorrectly quoted DCC files, it tries to find the terminating quote one byte before the allocated memory....
CVE-2017-9468 | AVG-293 | Medium | Yes | Denial of service | In Irssi before 1.0.3, when receiving a DCC message without source nick/host, it attempts to dereference a NULL pointer. Thus, remote IRC servers can cause a crash.
CVE-2017-7191 | AVG-224 | High | Yes | Arbitrary code execution | A use after free vulnerability has been discovered in irssi < 1.0.2 while producing a list of netjoins that can result in arbitrary code execution.
CVE-2017-5196 | AVG-127 | Medium | Yes | Denial of service | An out of bounds read has been discovered in certain incomplete character sequences leading to application crash.
CVE-2017-5195 | AVG-127 | Medium | Yes | Denial of service | An out of bounds read has been discovered in certain incomplete control codes leading to application crash.
CVE-2017-5194 | AVG-127 | High | Yes | Arbitrary code execution | A use after free vulnerability has been discovered when receiving an invalid nick message potentially leading to arbitrary code execution.
CVE-2017-5193 | AVG-127 | Medium | Yes | Denial of service | A NULL pointer dereference has been discovered in the nickcmp function leading to application crash.
CVE-2016-7045 | AVG-27 | High | Yes | Arbitrary code execution | The format_send_to_gui() function does not validate the length of the string before incrementing the `ptr' pointer in all cases. If that happens, the...
CVE-2016-7044 | AVG-28 | High | Yes | Arbitrary code execution | The unformat_24bit_color() function is called by format_send_to_gui() to decode 24bit color codes into their components. The pointer is advanced...