inspircd 漏洞與 CVE 列表(10)

產品(CPE): — CVE 數: 10

inspircd 漏洞概覽

彙總 inspircd 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。

已披露問題常與 緩衝區溢位、記憶體損壞與輸入驗證問題 相關,可能在 生產負載與軟體部署 場景中帶來 記憶體損壞與異常行為 等暴露風險。

相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。

漏洞分布趨勢(近 24 個月)

顯示 11010 CVE 數
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
CVE 摘要 來源 最高 CVSS EPSS % 公開時間 更新時間
CVE-2021-33586 InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able to connect to the server) to access recently deallocated memory, aka the "malformed PONG" issue. [email protected] 4.3 0.89% 2021-05-27 2026-06-16
CVE-2020-25269 An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server. [email protected] 6.5 2.69% 2020-09-11 2026-06-16
CVE-2019-20918 An issue was discovered in InspIRCd 3 before 3.1.0. The silence module contains a use after free vulnerability. This vulnerability can be used for remote crashing of an InspIRCd server by any user able to fully connect to a server. [email protected] 6.5 1.49% 2020-09-11 2026-06-16
CVE-2019-20917 An issue was discovered in InspIRCd 2 before 2.0.28 and 3 before 3.3.0. The mysql module contains a NULL pointer dereference when built against mariadb-connector-c 3.0.5 or newer. When combined with the sqlauth or sqloper modules, this vulnerability can be used for remote crashing of an InspIRCd server by any user able to connect to a server. [email protected] 6.5 2.79% 2020-09-11 2026-06-16
CVE-2012-6696 inspircd in Debian before 2.0.7 does not properly handle unsigned integers. NOTE: This vulnerability exists because of an incomplete fix to CVE-2012-1836. [email protected] 9.8 1.62% 2017-09-25 2026-06-16
CVE-2015-6674 Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836. [email protected] 9.8 2.27% 2017-04-13 2026-06-16
CVE-2016-7142 The m_sasl module in InspIRCd before 2.0.23, when used with a service that supports SASL_EXTERNAL authentication, allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted SASL message. [email protected] 5.9 1.08% 2016-09-26 2026-06-16
CVE-2015-8702 The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service (netsplit) via an invalid character in a PTR response, as demonstrated by a "\032" (whitespace) character in a hostname. [email protected] 8.6 2.28% 2016-04-12 2026-06-16
CVE-2012-1836 Heap-based buffer overflow in dns.cpp in InspIRCd 2.0.5 might allow remote attackers to execute arbitrary code via a crafted DNS query that uses compression. [email protected] 7.5 6.90% 2012-03-21 2026-06-16
CVE-2008-1925 Buffer overflow in InspIRCd before 1.1.18, when using the namesx and uhnames modules, allows remote attackers to cause a denial of service (daemon crash) via a large number of channel users with crafted nicknames, idents, and long hostnames. [email protected] 5.0 2.28% 2008-04-24 2026-06-16
«« 第一頁 « 上一頁 第 1 / 1 頁 下一頁 »
cvelogic Threat Intelligence