This page lists publicly disclosed CVE vulnerabilities affecting dconnect dconnect_daemon (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2006-4127 | Multiple format string vulnerabilities in DConnect Daemon 0.7.0 and earlier allow remote administrators to execute arbitrary code via format string specifiers that are not properly handled when calling the (1) privmsg() or (2) pubmsg functions from (a) cmd.user.c, (b) penalties.c, or (c) cmd.dc.c. | [email protected] | 4.6 | 1.58% | 2006-08-14 | 2026-04-16 |
| CVE-2006-4126 | The dc_chat function in cmd.dc.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to cause a denial of service (application crash) by sending a client message before providing the nickname, which triggers a null pointer dereference. | [email protected] | 5.0 | 13.55% | 2006-08-14 | 2026-04-16 |
| CVE-2006-4125 | Stack-based buffer overflow in main.c in DConnect Daemon 0.7.0 and earlier allows remote attackers to execute arbitrary code via a large nickname, which is not properly handled by the listen_thread_udp function. | [email protected] | 7.5 | 26.99% | 2006-08-14 | 2026-04-16 |