CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-31517
https://notcve.org/view.php?id=CVE-2023-31517
23 May 2023 — A memory leak in the component CConsole::Chain of Teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via opening a crafted file. • http://teeworlds.com • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2023-31518
https://notcve.org/view.php?id=CVE-2023-31518
23 May 2023 — A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file. • https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-43518
https://notcve.org/view.php?id=CVE-2021-43518
15 Dec 2021 — Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. Teeworlds versiones hasta 0.7.5 incluyéndola, es vulnerable a un desbordamiento del búfer. Un analizador de mapas no comprueba el valor m_Channels procedente de un archivo de mapas, conllevando a un desborda... • https://github.com/teeworlds/teeworlds/issues/2981 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 5%CPEs: 6EXPL: 0CVE-2020-12066 – Debian Security Advisory 4763-1
https://notcve.org/view.php?id=CVE-2020-12066
22 Apr 2020 — CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. La función CServer::SendMsg en el archivo engine/server/server.cpp en Teeworlds versiones 0.7.x anteriores a 0.7.5, permite a atacantes remotos apagar el servidor. It was discovered that Teeworlds server did not properly handler certain network traffic. A remote, unauthenticated attacker could use this vulnerability to cause Teeworlds server to crash. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-20787
https://notcve.org/view.php?id=CVE-2019-20787
22 Apr 2020 — Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size. Teeworlds versiones anteriores a la versión 0.7.4, tiene un desbordamiento de enteros al calcular un tamaño de tilemap. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 4%CPEs: 1EXPL: 1CVE-2019-10879
https://notcve.org/view.php?id=CVE-2019-10879
05 Apr 2019 — In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled. En Teeworlds 0.7.2, hay un desbordamiento de enteros en CDataFileReader::Open() en engine/shared/datafile.cpp que puede conducir a un desbordamiento de búfer y, posiblemente, a una ejecución remota de código, debido a que las multiplicaciones relacionadas con el tamaño se gestionan... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2019-10878
https://notcve.org/view.php?id=CVE-2019-10878
05 Apr 2019 — In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution. En Teeworlds 0.7.2, hay una comprobación de límites fallida en CDataFileReader::GetData() y CDataFileReader::ReplaceData() y en las funciones relacionadas en engine/shared/datafile.cpp que puede conducir a una escritura de puntero ... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10877
https://notcve.org/view.php?id=CVE-2019-10877
05 Apr 2019 — In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled. En Teeworlds 0.7.2, hay un desbordamiento de enteros en CMap::Load() en engine/shared/map.cpp que puede conducir a un desbordamiento de búfer debido a que una multiplicación de la anchura altura se gestiona de manera incorrecta. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 2%CPEs: 2EXPL: 0CVE-2018-18541 – Debian Security Advisory 4329-1
https://notcve.org/view.php?id=CVE-2018-18541
20 Oct 2018 — In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets. En Teeworlds en versiones anteriores a la 0.6.5, podrían falsificarse paquetes de conexión. No ha habido un desafío-respuesta involucrado en el build up de conexión. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2016-9400 – Gentoo Linux Security Advisory 201705-13
https://notcve.org/view.php?id=CVE-2016-9400
22 Feb 2017 — The CClient::ProcessServerPacket method in engine/client/client.cpp in Teeworlds before 0.6.4 allows remote servers to write to arbitrary physical memory locations and possibly execute arbitrary code via vectors involving snap handling. El método CClient::ProcessServerPacket en engine/client/client.cpp en Teeworlds en versiones anteriores a 0.6.4 permite a servidores remotos escribir en ubicaciones de memoria física arbitrarias y posiblemente ejecutar código arbitrario a través de vectores que involucran ma... • http://www.openwall.com/lists/oss-security/2016/11/16/8 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •