| CVE-2021-40516 |
AVG-2365 |
Medium |
Yes |
Denial of service |
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of- bounds read in... |
| CVE-2020-9760 |
AVG-1103 |
Critical |
Yes |
Arbitrary code execution |
A heap-based out-of-bounds write has been found in Weechat before 2.7.1, when a new IRC message 005 is received with longer nick prefixes. It could lead to... |
| CVE-2020-9759 |
AVG-1103 |
Medium |
Yes |
Denial of service |
A heap-based out-of-bounds read has been found in Weechat before 2.7.1, when receiving a malformed IRC message 352 (WHO). It could lead to a off-by-one read... |
| CVE-2020-8955 |
AVG-1103 |
Critical |
Yes |
Arbitrary code execution |
A heap-based out-of-bounds write has been found in the IRC plugin of Weechat before 2.7.1, in irc-mode.c, when receiving a malformed IRC message 324 (channel mode). |
| CVE-2017-14727 |
AVG-412 |
Medium |
Yes |
Denial of service |
It has been discovered that in logger.c in the logger plugin before weechat 1.9.1 the date/time conversion specifiers are expanded after replacing buffer... |
| CVE-2017-8073 |
AVG-253 |
High |
Yes |
Denial of service |
WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function... |