Vulnerabilities (CVE)

Filtered by vendor Teamspeak Subscribe
Total 10 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-15502 1 Teamspeak 1 Teamspeak 2024-11-21 5.0 MEDIUM 7.5 HIGH
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE).
CVE-2019-11351 1 Teamspeak 1 Teamspeak 2024-11-21 9.3 HIGH 8.8 HIGH
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.
CVE-2017-9982 1 Teamspeak 1 Teamspeak Client 2024-11-21 5.0 MEDIUM 7.5 HIGH
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
CVE-2017-8290 3 Linux, Microsoft, Teamspeak 4 Linux Kernel, Windows, Teamspeak Client and 1 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server.
CVE-2014-7222 1 Teamspeak 1 Teamspeak3 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags.
CVE-2014-7221 1 Teamspeak 1 Teamspeak3 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings.
CVE-2010-3383 1 Teamspeak 1 Teamspeak 2024-11-21 6.9 MEDIUM N/A
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2007-4530 1 Teamspeak 1 Web Server 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html.
CVE-2007-4529 1 Teamspeak 1 Web Server 2024-11-21 8.5 HIGH N/A
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd.
CVE-2007-3956 2 Microsoft, Teamspeak 2 All Windows, Web Server 2024-11-21 7.8 HIGH N/A
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534.