CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 2CVE-2021-43518
https://notcve.org/view.php?id=CVE-2021-43518
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. Teeworlds versiones hasta 0.7.5 incluyéndola, es vulnerable a un desbordamiento del búfer. Un analizador de mapas no comprueba el valor m_Channels procedente de un archivo de mapas, conllevando a un desbordamiento del búfer. • https://github.com/teeworlds/teeworlds/issues/2981 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIYZ7EVY6NZBM7FQF6GVUARYO6MKSEAT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OS2LI2RHQNUKUT3FKWYHRC27PLRWCHMZ https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 1%CPEs: 6EXPL: 0CVE-2020-12066
https://notcve.org/view.php?id=CVE-2020-12066
CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. La función CServer::SendMsg en el archivo engine/server/server.cpp en Teeworlds versiones 0.7.x anteriores a 0.7.5, permite a atacantes remotos apagar el servidor. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00045.html https://github.com/teeworlds/teeworlds/commit/c68402fa7e279d42886d5951d1ea8ac2facc1ea5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVYG7CCPS5F3OPOQMJKVNXTQ7BXSEX2V https://usn.ubuntu.com/4553-1 https://www.debian.org/security/2020/dsa-4763 https://www.teeworlds.com/forum/viewtopic.php?id=14785 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-20787
https://notcve.org/view.php?id=CVE-2019-20787
Teeworlds before 0.7.4 has an integer overflow when computing a tilemap size. Teeworlds versiones anteriores a la versión 0.7.4, tiene un desbordamiento de enteros al calcular un tamaño de tilemap. • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00044.html http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00045.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVYG7CCPS5F3OPOQMJKVNXTQ7BXSEX2V https://www.teeworlds.com/forum/viewtopic.php?pid=123860 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 1CVE-2019-10879
https://notcve.org/view.php?id=CVE-2019-10879
In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled. En Teeworlds 0.7.2, hay un desbordamiento de enteros en CDataFileReader::Open() en engine/shared/datafile.cpp que puede conducir a un desbordamiento de búfer y, posiblemente, a una ejecución remota de código, debido a que las multiplicaciones relacionadas con el tamaño se gestionan de manera incorrecta. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://github.com/teeworlds/teeworlds/issues/2070 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2019-10878
https://notcve.org/view.php?id=CVE-2019-10878
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution. En Teeworlds 0.7.2, hay una comprobación de límites fallida en CDataFileReader::GetData() y CDataFileReader::ReplaceData() y en las funciones relacionadas en engine/shared/datafile.cpp que puede conducir a una escritura de puntero de liberación arbitraria y fuera de límites que podría resultar en una ejecución remota de código. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html https://github.com/teeworlds/teeworlds/issues/2073 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC • CWE-787: Out-of-bounds Write •