CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39047
https://notcve.org/view.php?id=CVE-2022-39047
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL. Freeciv versiones anteriores a 2.6.7 y anteriores a 3.0.3, es propenso a una vulnerabilidad de desbordamiento de búfer en el manejo de la URL del modpack por parte de la utilidad Modpack Installer • http://www.openwall.com/lists/oss-security/2022/08/31/1 https://bugs.debian.org/1017579 https://osdn.net/projects/freeciv/ticket/45299 https://www.openwall.com/lists/oss-security/2022/08/05/1 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 2%CPEs: 1EXPL: 1CVE-2012-6083 – Freeciv 2.2.1 - Multiple Remote Denial of Service Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-6083
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet. Freeciv versiones anteriores a 2.3.3, permite a atacantes remotos causar una denegación de servicio por medio de un paquete diseñado. • https://www.exploit-db.com/exploits/34249 http://www.openwall.com/lists/oss-security/2012/12/31/2 https://freeciv.fandom.com/wiki/NEWS-2.3.3 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 2%CPEs: 4EXPL: 0CVE-2012-5645
https://notcve.org/view.php?id=CVE-2012-5645
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. Se encontró un fallo de denegación de servicio en la manera en que el componente Freeciv del servidor versiones anteriores a la versión 2.3.4 procesaba ciertos paquetes. Un atacante remoto podría enviar un paquete especialmente diseñado que, cuando se procese, conllevaría al agotamiento de la memoria o el consumo excesivo de la CPU. • http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095378.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095381.html http://lists.fedoraproject.org/pipermail/package-announce/2013-January/096391.html http://www.openwall.com/lists/oss-security/2012/12/18/5 http://www.openwall.com/lists/oss-security/2012/12/22/4 http://www.openwall.com/lists/oss-security/2012/12/30/11 http://www.openwall.com/lists/oss-security/2012/12/30/8 http:&#x • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.0EPSS: 20%CPEs: 9EXPL: 1CVE-2006-0047 – Freeciv 2.0.7 - Jumbo Malloc Crash (Denial of Service)
https://notcve.org/view.php?id=CVE-2006-0047
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values. • https://www.exploit-db.com/exploits/1557 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355211 http://secunia.com/advisories/19120 http://secunia.com/advisories/19227 http://secunia.com/advisories/19253 http://www.debian.org/security/2006/dsa-994 http://www.gentoo.org/security/en/glsa/glsa-200603-11.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:053 http://www.securityfocus.com/archive/1/426866/100/0/threaded http://www.securityfocus.com/bid/1697 • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •