CPE Details

ZNC 1.0
znc
znc
1.0
2014-06-06
13h38 +00:00
2014-06-18
15h37 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:znc:znc:1.0:*:*:*:*:*:*:*

Informations

Vendor

znc

Product

znc

Version

1.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-12816 2019-06-15 13h40 +00:00 Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.
8.8
High
CVE-2019-9917 2019-03-27 04h41 +00:00 ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.
6.5
Medium
CVE-2018-14055 2018-07-14 23h00 +00:00 ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf.
6.5
Medium
CVE-2018-14056 2018-07-14 23h00 +00:00 ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories.
5.3
Medium
CVE-2014-9403 2014-12-19 14h00 +00:00 The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.
4
CVE-2013-2130 2014-06-05 18h00 +00:00 ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.
4