Filtered by vendor Teamspeak
Subscribe
Total
10 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-15502 | 1 Teamspeak | 1 Teamspeak | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
The TeamSpeak client before 3.3.2 allows remote servers to trigger a crash via the 0xe2 0x81 0xa8 0xe2 0x81 0xa7 byte sequence, aka Unicode characters U+2068 (FIRST STRONG ISOLATE) and U+2067 (RIGHT-TO-LEFT ISOLATE). | |||||
CVE-2019-11351 | 1 Teamspeak | 1 Teamspeak | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. | |||||
CVE-2017-9982 | 1 Teamspeak | 1 Teamspeak Client | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. | |||||
CVE-2017-8290 | 3 Linux, Microsoft, Teamspeak | 4 Linux Kernel, Windows, Teamspeak Client and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. | |||||
CVE-2014-7222 | 1 Teamspeak | 1 Teamspeak3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags. | |||||
CVE-2014-7221 | 1 Teamspeak | 1 Teamspeak3 | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings. | |||||
CVE-2010-3383 | 1 Teamspeak | 1 Teamspeak | 2024-11-21 | 6.9 MEDIUM | N/A |
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||||
CVE-2007-4530 | 1 Teamspeak | 1 Web Server | 2024-11-21 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html. | |||||
CVE-2007-4529 | 1 Teamspeak | 1 Web Server | 2024-11-21 | 8.5 HIGH | N/A |
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1) AdminAddServer, (2) AdminDeleteServer, (3) AdminStartServer, and (4) AdminStopServer privileges; and administration of arbitrary virtual servers via a request to a .tscmd URI with a modified serverid parameter, as demonstrated by (a) add_server.tscmd, (b) ask_delete_server.tscmd, (c) start_server.tscmd, and (d) stop_server.tscmd. | |||||
CVE-2007-3956 | 2 Microsoft, Teamspeak | 2 All Windows, Web Server | 2024-11-21 | 7.8 HIGH | N/A |
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP port 14534. |