Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/znc@0.045-3%2Betch3

Type deb

Namespace debian

Name znc

Version 0.045-3+etch3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.8.2-2+deb11u1

Latest_non_vulnerable_version 1.8.2-2+deb11u1

Affected_by_vulnerabilities

url VCID-1d33-qsr7-6qb3

vulnerability_id VCID-1d33-qsr7-6qb3

summary Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon crash) via a PING command that lacks an argument.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2812

reference_id

reference_type

scores

value	0.02346
scoring_system	epss
scoring_elements	0.85178
published_at	2026-06-04T12:55:00Z

value	0.02346
scoring_system	epss
scoring_elements	0.85202
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2812

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2812
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2812

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708
reference_id	599708
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708

fixed_packages

url pkg:deb/debian/znc@0.092-3

purl pkg:deb/debian/znc@0.092-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jnq-j782-wfa8

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.092-3

aliases CVE-2010-2812

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1d33-qsr7-6qb3

url VCID-2jnq-j782-wfa8

vulnerability_id VCID-2jnq-j782-wfa8

summary The CBounceDCCMod::OnPrivCTCP function in bouncedcc.cpp in the bouncedcc module in ZNC 0.200 and 0.202 allows remote attackers to cause a denial of service (crash) via a crafted DCC RESUME request.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0033

reference_id

reference_type

scores

value	0.00887
scoring_system	epss
scoring_elements	0.75854
published_at	2026-06-04T12:55:00Z

value	0.00887
scoring_system	epss
scoring_elements	0.75881
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0033

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0033
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0033

fixed_packages

url pkg:deb/debian/znc@0.206-2

purl pkg:deb/debian/znc@0.206-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.206-2

aliases CVE-2012-0033

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jnq-j782-wfa8

url VCID-2u7f-bn8z-p3h4

vulnerability_id VCID-2u7f-bn8z-p3h4

summary Multiple CRLF injection vulnerabilities in webadmin in ZNC before 0.066 allow remote authenticated users to modify the znc.conf configuration file and gain privileges via CRLF sequences in the quit message and other vectors.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-0759

reference_id

reference_type

scores

value	0.0074
scoring_system	epss
scoring_elements	0.73289
published_at	2026-06-04T12:55:00Z

value	0.0074
scoring_system	epss
scoring_elements	0.73325
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-0759

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0759
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0759

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516950
reference_id	516950
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516950

reference_url	https://security.gentoo.org/glsa/200903-02
reference_id	GLSA-200903-02
reference_type
scores
url	https://security.gentoo.org/glsa/200903-02

fixed_packages

url pkg:deb/debian/znc@0.092-3

purl pkg:deb/debian/znc@0.092-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jnq-j782-wfa8

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.092-3

aliases CVE-2009-0759

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2u7f-bn8z-p3h4

url VCID-3fp7-x3tp-m3de

vulnerability_id VCID-3fp7-x3tp-m3de

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14055

reference_id

reference_type

scores

value	0.00365
scoring_system	epss
scoring_elements	0.58784
published_at	2026-06-04T12:55:00Z

value	0.00365
scoring_system	epss
scoring_elements	0.58831
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14056

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903787
reference_id	903787
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903787

reference_url	https://security.archlinux.org/ASA-201807-11
reference_id	ASA-201807-11
reference_type
scores
url	https://security.archlinux.org/ASA-201807-11

reference_url

https://security.archlinux.org/AVG-737

reference_id

AVG-737

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-737

reference_url	https://security.gentoo.org/glsa/201807-03
reference_id	GLSA-201807-03
reference_type
scores
url	https://security.gentoo.org/glsa/201807-03

fixed_packages

url pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

purl pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.6.5-1%252Bdeb9u2

url pkg:deb/debian/znc@1.7.2-3

purl pkg:deb/debian/znc@1.7.2-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-fvwb-9x5r-4kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.7.2-3

aliases CVE-2018-14055

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3fp7-x3tp-m3de

url VCID-4mh3-tja2-tbe7

vulnerability_id VCID-4mh3-tja2-tbe7

summary ZNC 1.0 allows remote authenticated users to cause a denial of service (NULL pointer reference and crash) via a crafted request to the (1) editnetwork, (2) editchan, (3) addchan, or (4) delchan page in modules/webadmin.cpp.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2130

reference_id

reference_type

scores

value	0.01087
scoring_system	epss
scoring_elements	0.78251
published_at	2026-06-04T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.78276
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2130

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2130
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2130

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720632
reference_id	720632
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720632

reference_url	https://security.gentoo.org/glsa/201412-31
reference_id	GLSA-201412-31
reference_type
scores
url	https://security.gentoo.org/glsa/201412-31

fixed_packages

url pkg:deb/debian/znc@1.4-2

purl pkg:deb/debian/znc@1.4-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.4-2

aliases CVE-2013-2130

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mh3-tja2-tbe7

url VCID-6fx1-hauy-3qbz

vulnerability_id VCID-6fx1-hauy-3qbz

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14056

reference_id

reference_type

scores

value	0.00681
scoring_system	epss
scoring_elements	0.72013
published_at	2026-06-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.72054
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14056

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14055
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14055

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14056

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903788
reference_id	903788
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903788

reference_url	https://security.archlinux.org/ASA-201807-11
reference_id	ASA-201807-11
reference_type
scores
url	https://security.archlinux.org/ASA-201807-11

reference_url

https://security.archlinux.org/AVG-737

reference_id

AVG-737

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-737

reference_url	https://security.gentoo.org/glsa/201807-03
reference_id	GLSA-201807-03
reference_type
scores
url	https://security.gentoo.org/glsa/201807-03

fixed_packages

url pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

purl pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.6.5-1%252Bdeb9u2

url pkg:deb/debian/znc@1.7.2-3

purl pkg:deb/debian/znc@1.7.2-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-fvwb-9x5r-4kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.7.2-3

aliases CVE-2018-14056

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fx1-hauy-3qbz

url VCID-79r6-g1j1-zud3

vulnerability_id VCID-79r6-g1j1-zud3

summary Directory traversal vulnerability in ZNC before 0.072 allows remote attackers to overwrite arbitrary files via a crafted DCC SEND request.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2658

reference_id

reference_type

scores

value	0.00962
scoring_system	epss
scoring_elements	0.76855
published_at	2026-06-04T12:55:00Z

value	0.00962
scoring_system	epss
scoring_elements	0.76888
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2658

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2658
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2658

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537977
reference_id	537977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537977

reference_url	https://security.gentoo.org/glsa/200909-17
reference_id	GLSA-200909-17
reference_type
scores
url	https://security.gentoo.org/glsa/200909-17

fixed_packages

url pkg:deb/debian/znc@0.092-3

purl pkg:deb/debian/znc@0.092-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jnq-j782-wfa8

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.092-3

aliases CVE-2009-2658

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-79r6-g1j1-zud3

url VCID-92qg-g1pz-7qh5

vulnerability_id VCID-92qg-g1pz-7qh5

summary In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-39844

reference_id

reference_type

scores

value	0.37139
scoring_system	epss
scoring_elements	0.97254
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-39844

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39844
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39844

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075729
reference_id	1075729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075729

reference_url

https://wiki.znc.in/ChangeLog/1.9.1

reference_id

1.9.1

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:26:13Z/

url

https://wiki.znc.in/ChangeLog/1.9.1

reference_url

https://www.openwall.com/lists/oss-security/2024/07/03/9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:26:13Z/

url

https://www.openwall.com/lists/oss-security/2024/07/03/9

reference_url

http://www.openwall.com/lists/oss-security/2024/07/03/9

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:26:13Z/

url

http://www.openwall.com/lists/oss-security/2024/07/03/9

reference_url

https://wiki.znc.in/Category:ChangeLog

reference_id

Category:ChangeLog

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:26:13Z/

url

https://wiki.znc.in/Category:ChangeLog

reference_url	https://security.gentoo.org/glsa/202409-23
reference_id	GLSA-202409-23
reference_type
scores
url	https://security.gentoo.org/glsa/202409-23

reference_url	https://usn.ubuntu.com/6990-1/
reference_id	USN-6990-1
reference_type
scores
url	https://usn.ubuntu.com/6990-1/

reference_url

https://github.com/znc/znc/releases/tag/znc-1.9.1

reference_id

znc-1.9.1

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:26:13Z/

url

https://github.com/znc/znc/releases/tag/znc-1.9.1

fixed_packages

url	pkg:deb/debian/znc@1.8.2-2%2Bdeb11u1
purl	pkg:deb/debian/znc@1.8.2-2%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.8.2-2%252Bdeb11u1

aliases CVE-2024-39844

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-92qg-g1pz-7qh5

url VCID-f76y-4atq-t3hb

vulnerability_id VCID-f76y-4atq-t3hb

summary Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-12816

reference_id

reference_type

scores

value	0.03681
scoring_system	epss
scoring_elements	0.88129
published_at	2026-06-04T12:55:00Z

value	0.03681
scoring_system	epss
scoring_elements	0.88149
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-12816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9917

reference_url	https://security.gentoo.org/glsa/201908-15
reference_id	GLSA-201908-15
reference_type
scores
url	https://security.gentoo.org/glsa/201908-15

reference_url	https://usn.ubuntu.com/4044-1/
reference_id	USN-4044-1
reference_type
scores
url	https://usn.ubuntu.com/4044-1/

fixed_packages

url pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

purl pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.6.5-1%252Bdeb9u2

url pkg:deb/debian/znc@1.7.2-3

purl pkg:deb/debian/znc@1.7.2-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-fvwb-9x5r-4kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.7.2-3

aliases CVE-2019-12816

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f76y-4atq-t3hb

url VCID-fvwb-9x5r-4kgh

vulnerability_id VCID-fvwb-9x5r-4kgh

summary ZNC 1.8.0 up to 1.8.1-rc1 allows authenticated users to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-13775

reference_id

reference_type

scores

value	0.01008
scoring_system	epss
scoring_elements	0.77414
published_at	2026-06-04T12:55:00Z

value	0.01008
scoring_system	epss
scoring_elements	0.77442
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-13775

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13775
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13775

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962105
reference_id	962105
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962105

fixed_packages

url	pkg:deb/debian/znc@1.8.2-2%2Bdeb11u1
purl	pkg:deb/debian/znc@1.8.2-2%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.8.2-2%252Bdeb11u1

aliases CVE-2020-13775

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvwb-9x5r-4kgh

url VCID-gkkg-r9aw-xfgh

vulnerability_id VCID-gkkg-r9aw-xfgh

summary Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of service (exception and daemon crash) via unknown vectors related to "unsafe substr() calls."

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2934

reference_id

reference_type

scores

value	0.01922
scoring_system	epss
scoring_elements	0.83688
published_at	2026-06-04T12:55:00Z

value	0.01922
scoring_system	epss
scoring_elements	0.83712
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2934

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2934
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2934

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708
reference_id	599708
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599708

fixed_packages

url pkg:deb/debian/znc@0.092-3

purl pkg:deb/debian/znc@0.092-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jnq-j782-wfa8

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.092-3

aliases CVE-2010-2934

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkkg-r9aw-xfgh

url VCID-gyar-557a-akce

vulnerability_id VCID-gyar-557a-akce

summary NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connections.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2488

reference_id

reference_type

scores

value	0.01309
scoring_system	epss
scoring_elements	0.80136
published_at	2026-06-04T12:55:00Z

value	0.01309
scoring_system	epss
scoring_elements	0.80162
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2488

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2488
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2488

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929
reference_id	584929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584929

fixed_packages

url pkg:deb/debian/znc@0.092-3

purl pkg:deb/debian/znc@0.092-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-2jnq-j782-wfa8

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-4mh3-tja2-tbe7

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

vulnerability	VCID-wvjt-x2ht-xuat

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.092-3

aliases CVE-2010-2488

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyar-557a-akce

url VCID-hgkt-dy32-aqc5

vulnerability_id VCID-hgkt-dy32-aqc5

summary ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service (crash) via invalid encoding.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9917

reference_id

reference_type

scores

value	0.01667
scoring_system	epss
scoring_elements	0.82434
published_at	2026-06-04T12:55:00Z

value	0.01667
scoring_system	epss
scoring_elements	0.82463
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9917

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12816
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12816

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9917
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9917

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285
reference_id	925285
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285

reference_url	https://usn.ubuntu.com/3950-1/
reference_id	USN-3950-1
reference_type
scores
url	https://usn.ubuntu.com/3950-1/

fixed_packages

url pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

purl pkg:deb/debian/znc@1.6.5-1%2Bdeb9u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.6.5-1%252Bdeb9u2

url pkg:deb/debian/znc@1.7.2-3

purl pkg:deb/debian/znc@1.7.2-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-fvwb-9x5r-4kgh

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.7.2-3

aliases CVE-2019-9917

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgkt-dy32-aqc5

url VCID-wvjt-x2ht-xuat

vulnerability_id VCID-wvjt-x2ht-xuat

summary The CWebAdminMod::ChanPage function in modules/webadmin.cpp in ZNC before 1.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by adding a channel with the same name as an existing channel but without the leading # character, related to a "use-after-delete" error.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9403

reference_id

reference_type

scores

value	0.01087
scoring_system	epss
scoring_elements	0.78251
published_at	2026-06-04T12:55:00Z

value	0.01087
scoring_system	epss
scoring_elements	0.78276
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9403

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9403
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9403

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744712
reference_id	744712
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744712

reference_url	https://security.gentoo.org/glsa/201412-31
reference_id	GLSA-201412-31
reference_type
scores
url	https://security.gentoo.org/glsa/201412-31

fixed_packages

url pkg:deb/debian/znc@1.4-2

purl pkg:deb/debian/znc@1.4-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3fp7-x3tp-m3de

vulnerability	VCID-6fx1-hauy-3qbz

vulnerability	VCID-92qg-g1pz-7qh5

vulnerability	VCID-f76y-4atq-t3hb

vulnerability	VCID-fvwb-9x5r-4kgh

vulnerability	VCID-hgkt-dy32-aqc5

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@1.4-2

aliases CVE-2014-9403

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvjt-x2ht-xuat

Fixing_vulnerabilities

Risk_score 4.0

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/znc@0.045-3%252Betch3

Package Instance