Teamspeak
Products
3- 7 CVEs
- 6 CVEs
- 4 CVEs
Recent CVEs
14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8290 | Hig | 0.49 | 7.5 | 0.01 | Jul 6, 2017 | A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server. | ||
| CVE-2017-9982 | Hig | 0.49 | 7.5 | 0.03 | Jun 27, 2017 | TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character. | ||
| CVE-2014-7222 | Med | 0.46 | 6.5 | 0.11 | Jan 8, 2018 | Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash)… | ||
| CVE-2014-7221 | Med | 0.46 | 6.5 | 0.11 | Jan 8, 2018 | TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http://… | ||
| CVE-2026-4390 | Med | 0.35 | 5.4 | 0.00 | May 27, 2026 | A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to… | ||
| CVE-2026-4392 | Med | 0.34 | 5.3 | 0.00 | May 27, 2026 | A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible.… | ||
| CVE-2026-4391 | Med | 0.34 | 5.3 | 0.00 | May 27, 2026 | A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able… | ||
| CVE-2007-3956 | 0.04 | — | 0.08 | Jul 24, 2007 | TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP… | |||
| CVE-2003-1158 | 0.03 | — | 0.03 | Dec 31, 2003 | Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | |||
| CVE-2022-50931 | 0.00 | — | 0.00 | Jan 13, 2026 | TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or… | |||
| CVE-2019-11351 | 0.00 | — | 0.04 | Apr 19, 2019 | TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework. | |||
| CVE-2010-3383 | 0.00 | — | 0.00 | Oct 20, 2010 | The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | |||
| CVE-2007-4530 | 0.00 | — | 0.01 | Aug 25, 2007 | Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html. | |||
| CVE-2007-4529 | 0.00 | — | 0.02 | Aug 25, 2007 | The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1)… |
- risk 0.49cvss 7.5epss 0.01
A potential Buffer Overflow Vulnerability (from a BB Code handling issue) has been identified in TeamSpeak Server version 3.0.13.6 (08/11/2016 09:48:33), it enables the users to Crash any WINDOWS Client that clicked into a Vulnerable Channel of a TeamSpeak Server.
- risk 0.49cvss 7.5epss 0.03
TeamSpeak Client 3.0.19 allows remote attackers to cause a denial of service (application crash) via the ᗪ Unicode character followed by the ༿ Unicode character.
- risk 0.46cvss 6.5epss 0.11
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash)…
- risk 0.46cvss 6.5epss 0.11
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http://…
- risk 0.35cvss 5.4epss 0.00
A weakness has been identified in TeamSpeak 3 Server up to 3.13.7. This affects the function process_resend_queue of the component Connection State Management. This manipulation causes use after free. The attack may be initiated remotely. Upgrading to version 3.13.8 is able to…
- risk 0.34cvss 5.3epss 0.00
A vulnerability was detected in TeamSpeak 3 Server up to 3.13.7. This issue affects some unknown processing of the component clientek Handshake Handler. Performing a manipulation of the argument proof results in reachable assertion. Remote exploitation of the attack is possible.…
- risk 0.34cvss 5.3epss 0.00
A security vulnerability has been detected in TeamSpeak 3 Server up to 3.13.7. This vulnerability affects unknown code of the component ECC Key Parser. Such manipulation leads to heap-based buffer overflow. The attack may be launched remotely. Upgrading to version 3.13.8 is able…
- CVE-2007-3956Jul 24, 2007risk 0.04cvss —epss 0.08
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption) via long username and password parameters in a request to login.tscmd on TCP…
- CVE-2003-1158Dec 31, 2003risk 0.03cvss —epss 0.03
Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands.
- CVE-2022-50931Jan 13, 2026risk 0.00cvss —epss 0.00
TeamSpeak 3.5.6 contains an insecure file permissions vulnerability that allows local attackers to replace executable files with malicious binaries. Attackers can replace system executables like ts3client_win32.exe with custom files to potentially gain SYSTEM or…
- CVE-2019-11351Apr 19, 2019risk 0.00cvss —epss 0.04
TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt framework.
- CVE-2010-3383Oct 20, 2010risk 0.00cvss —epss 0.00
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
- CVE-2007-4530Aug 25, 2007risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in TeamSpeak Server 2.0.20.1 allow remote attackers to inject arbitrary web script or HTML via (1) the error_text parameter to error_box.html or (2) the ok_title parameter to ok_box.html.
- CVE-2007-4529Aug 25, 2007risk 0.00cvss —epss 0.02
The WebAdmin interface in TeamSpeak Server 2.0.20.1 allows remote authenticated users with the ServerAdmin flag to assign Registered users certain privileges, resulting in a privilege set that extends beyond that ServerAdmin's own servers, as demonstrated by the (1)…