Every CVE whose affected-product data names Quassel-irc Quassel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2018-1000178 — CVSS 9.8 (critical): A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray…
CVE-2021-34825 — CVSS 7.5 (high): Quassel through 0.13.1, when --require-ssl is enabled, launches without SSL or TLS support if a usable X.509 certificate is not found on…
CVE-2015-8547 — CVSS 7.5 (high): The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of…
CVE-2016-4414 — CVSS 7.5 (high): The onReadyRead function in core/coreauthhandler.cpp in Quassel before 0.12.4 allows remote attackers to cause a denial of service (NULL…
CVE-2018-1000179 — CVSS 7.5 (high): A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg)…
CVE-2015-3427 — CVSS 7.5 (high): Quassel before 0.12.2 does not properly re-initialize the database session when the PostgreSQL database is restarted, which allows remote…
CVE-2015-2779 — CVSS 5.0 (medium): Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial…
CVE-2011-3354 — CVSS 5.0 (medium): The CtcpParser::packedReply method in core/ctcpparser.cpp in Quassel before 0.7.3 allows remote attackers to cause a denial of service…
CVE-2015-2778 — CVSS 5.0 (medium): Quassel before 0.12-rc1 uses an incorrect data-type size when splitting a message, which allows remote attackers to cause a denial of…