Vulnerabilities (CVE)

Filtered by vendor Freeciv Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-39047 1 Freeciv 1 Freeciv 2024-11-21 N/A 8.8 HIGH
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.
CVE-2012-6083 1 Freeciv 1 Freeciv 2024-11-21 7.8 HIGH 7.5 HIGH
Freeciv before 2.3.3 allows remote attackers to cause a denial of service via a crafted packet.
CVE-2012-5645 2 Fedoraproject, Freeciv 2 Fedora, Freeciv 2024-11-21 7.8 HIGH 7.5 HIGH
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.
CVE-2010-2445 1 Freeciv 1 Freeciv 2024-11-21 10.0 HIGH N/A
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
CVE-2006-3913 1 Freeciv 1 Freeciv 2024-11-21 7.5 HIGH N/A
Buffer overflow in Freeciv 2.1.0-beta1 and earlier, and SVN 15 Jul 2006 and earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (1) negative chunk_length or a (2) large chunk->offset value in a PACKET_PLAYER_ATTRIBUTE_CHUNK packet in the generic_handle_player_attribute_chunk function in common/packets.c, and (3) a large packet->length value in the handle_unit_orders function in server/unithand.c.
CVE-2006-0047 1 Freeciv 1 Freeciv 2024-11-21 5.0 MEDIUM N/A
packets.c in Freeciv 2.0 before 2.0.8 allows remote attackers to cause a denial of service (server crash) via crafted packets with negative compressed size values.