CVE-2017-5340
- EPSS 7.14%
- Published 11.01.2017 06:59:00
- Last modified 20.04.2025 01:37:25
Zend/zend_hash.c in PHP before 7.0.15 and 7.1.x before 7.1.1 mishandles certain cases that require large array allocations, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow, uninitialized memory a...
CVE-2015-7848
- EPSS 0.85%
- Published 06.01.2017 21:59:00
- Last modified 23.05.2025 02:15:39
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp....
CVE-2016-3064
- EPSS 0.25%
- Published 01.09.2016 01:59:05
- Last modified 12.04.2025 10:46:40
NetApp Clustered Data ONTAP before 8.2.4P4 and 8.3.x before 8.3.2P2 allows remote authenticated users to obtain sensitive cluster and tenant information via unspecified vectors.
CVE-2015-7974
- EPSS 3.67%
- Published 26.01.2016 19:59:00
- Last modified 12.04.2025 10:46:40
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."