Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.
Max CVSS
8.8
EPSS Score
0.13%
Published
2022-08-31
Updated
2022-09-05
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
Max CVSS
7.8
EPSS Score
1.93%
Published
2020-01-23
Updated
2020-01-27
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.
Max CVSS
7.8
EPSS Score
2.02%
Published
2019-12-30
Updated
2020-01-03
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
Max CVSS
10.0
EPSS Score
0.41%
Published
2010-07-08
Updated
2021-06-30
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.
Max CVSS
7.5
EPSS Score
4.64%
Published
2006-07-28
Updated
2018-10-17
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.
Max CVSS
5.0
EPSS Score
20.13%
Published
2006-03-07
Updated
2018-10-19
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!