Sébastien Helleu

4 exploits Active since Sep 2017
CVE-2017-14727 WRITEUP HIGH WRITEUP
WeeChat logger - Denial of Service via strftime Date/Time Specifiers
logger.c in the logger plugin in WeeChat before 1.9.1 allows a crash via strftime date/time specifiers, because a buffer is not initialized.
CVSS 7.5
CVE-2020-8955 WRITEUP CRITICAL WRITEUP
WeeChat < 2.7 - Buffer Overflow via Malformed IRC Message 324
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).
CVSS 9.8
CVE-2020-9760 WRITEUP CRITICAL WRITEUP
WeeChat 0.3.4-2.7 - Buffer Overflow via IRC Message 005 Nick Prefix Handling
An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick.
CVSS 9.8
CVE-2021-40516 WRITEUP HIGH WRITEUP
WeeChat 0.4.1-3.2.0 - Denial of Service via Crafted WebSocket Frame
WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that trigger an out-of-bounds read in plugins/relay/relay-websocket.c in the Relay plugin.
CVSS 7.5