Every CVE whose affected-product data names Universal Ircd Ircu, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2007-4405 — CVSS 7.8 (high): ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a…
CVE-2007-4404 — CVSS 7.8 (high): ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names…
CVE-2007-4406 — CVSS 7.5 (high): ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows…
CVE-2007-4407 — CVSS 6.4 (medium): ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote…
CVE-2007-4410 — CVSS 6.0 (medium): ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated…
CVE-2007-4409 — CVSS 5.1 (medium): Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass during a netburst by arranging for ops…
CVE-2007-4408 — CVSS 5.0 (medium): ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing…
CVE-2007-4411 — CVSS 4.3 (medium): ircu 2.10.12.05 and earlier allows remote attackers to discover the hidden IP address of arbitrary +x users via a series of /silence…