VYPR
Vendor

Ircu

Products
2
CVEs
11
Across products
11
Status
Private

Products

2

Recent CVEs

11
  • CVE-2020-10266HigApr 6, 2020
    risk 0.53cvss 8.1epss 0.00

    UR+ (Universal Robots+) is a platform of hardware and software component sellers, for Universal Robots robots. When installing any of these components in the robots (e.g. in the UR10), no integrity checks are performed. Moreover, the SDK for making such components can be easily…

  • CVE-2020-10290MedAug 21, 2020
    risk 0.44cvss 6.8epss 0.00

    Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the overall robot operations as demonstrated in our video. In our PoC we demonstrate…

  • CVE-2008-1501Mar 25, 2008
    risk 0.03cvss epss 0.05

    The send_user_mode function in s_user.c in (1) Undernet ircu 2.10.12.12 and earlier, (2) snircd 1.3.4 and earlier, and unspecified other ircu derivatives allows remote attackers to cause a denial of service (daemon crash) via a malformed MODE command.

  • CVE-2007-4409Aug 18, 2007
    risk 0.00cvss epss 0.01

    Race condition in ircu 2.10.12.01 through 2.10.12.05 allows remote attackers to set a new Apass during a netburst by arranging for ops privilege to be granted before the mode arrives.

  • CVE-2007-4410Aug 18, 2007
    risk 0.00cvss epss 0.01

    ircu 2.10.12.05 and earlier does not properly synchronize a kick action in certain cross scenarios, which allows remote authenticated operators to prevent later kick or de-op actions from non-local ops.

  • CVE-2007-4405Aug 18, 2007
    risk 0.00cvss epss 0.02

    ircu 2.10.12.02 through 2.10.12.04 allows remote attackers to cause a denial of service (memory and bandwidth consumption) by creating a large number of unused channels (zannels).

  • CVE-2007-4408Aug 18, 2007
    risk 0.00cvss epss 0.01

    ircu 2.10.12.05 and earlier ignores timestamps in bounces, which allows remote attackers to take over a channel during a netjoin by causing a bounce while a server with an older version of the channel is linking.

  • CVE-2007-4411Aug 18, 2007
    risk 0.00cvss epss 0.01

    ircu 2.10.12.05 and earlier allows remote attackers to discover the hidden IP address of arbitrary +x users via a series of /silence commands with (1) CIDR mask arguments or (2) certain other arguments that represent groups of IP addresses, then monitoring CTCP ping replies.

  • CVE-2007-4404Aug 18, 2007
    risk 0.00cvss epss 0.02

    ircu 2.10.12.01 allows remote attackers to (1) cause a denial of service (flood wallops) by joining two channels with certain long names that differ in the final character, which triggers a protocol violation and (2) cause a denial of service (daemon crash) via a "J 0:#channel"…

  • CVE-2007-4407Aug 18, 2007
    risk 0.00cvss epss 0.01

    ircu 2.10.12.03 and 2.10.12.04 does not associate a timestamp with ops privilege on an unused channel (zannel), which allows remote attackers to (1) set or remove certain channel modes via a "netriding" attack or (2) take over a channel by joining an unlinked server with the…

  • CVE-2007-4406Aug 18, 2007
    risk 0.00cvss epss 0.01

    ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split.