Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Eggheads Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-29576 1 Eggheads 1 Eggdrop Docker Image 2020-12-22 10.0 HIGH 9.8 CRITICAL
The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password.
CVE-2004-0274 1 Eggheads 1 Eggdrop Irc Bot 2017-10-09 7.5 HIGH N/A
Share.mod in Eggheads Eggdrop IRC bot 1.6.10 through 1.6.15 can mistakenly assign STAT_OFFERED status to a bot that is not a sharebot, which allows remote attackers to use STAT_OFFERED to promote a bot to a sharebot and conduct unauthorized activities.
CVE-2009-1789 2 Eggheads, Philip Moore 3 Eggdrop, Eggdrop Irc Bot, Windrop 2017-09-28 4.3 MEDIUM N/A
mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807.
CVE-2007-2807 1 Eggheads 1 Eggdrop Irc Bot 2009-07-09 6.8 MEDIUM N/A
Stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, remote IRC servers to execute arbitrary code via a long private message.