CVE-2018-1000127
- EPSS 2.32%
- Veröffentlicht 13.03.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 03:39:44
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable...
CVE-2018-1000115
- EPSS 88.64%
- Veröffentlicht 05.03.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:39:40
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification...
CVE-2017-9951
- EPSS 4.17%
- Veröffentlicht 17.07.2017 13:18:30
- Zuletzt bearbeitet 13.05.2026 00:24:29
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a ...
CVE-2016-8706
- EPSS 45.7%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVE-2016-8705
- EPSS 19.85%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVE-2016-8704
- EPSS 23.17%
- Veröffentlicht 06.01.2017 21:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution.
CVE-2013-7291
- EPSS 0.93%
- Veröffentlicht 13.01.2014 21:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source t...
CVE-2013-7290
- EPSS 0.93%
- Veröffentlicht 13.01.2014 21:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for...
CVE-2013-7239
- EPSS 1.18%
- Veröffentlicht 13.01.2014 21:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials.
CVE-2013-0179
- EPSS 1.5%
- Veröffentlicht 13.01.2014 21:55:05
- Zuletzt bearbeitet 29.04.2026 01:13:23
The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not ...