Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
memcached memcached vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-46853
In Memcached prior to 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n.
Memcached Memcached
7.5
CVSSv3
CVE-2017-9951
The try_read_command function in memcached.c in memcached prior to 1.4.39 allows remote malicious users to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over...
Memcached Memcached
7.5
CVSSv3
CVE-2022-48571
memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.
Memcached Memcached 1.6.7
7.5
CVSSv3
CVE-2019-15026
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
Memcached Memcached 1.5.16
5.5
CVSSv3
CVE-2021-37519
Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows malicious users to cause a denial of service via crafted authenticattion file.
Memcached Memcached 1.6.9
NA
CVE-2009-2415
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote malicious users to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.
Memcachedb Memcached 1.1.12
Memcachedb Memcached 1.2.2
9.8
CVSSv3
CVE-2022-26635
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows malicious users to execute CLRF injection.
Php Memcached
7.5
CVSSv3
CVE-2019-11596
In memcached prior to 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
Memcached Memcached
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
NA
CVE-2009-1494
The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote malicious users to obtain potentially sensitive information by sending this command to the daemon's TCP port.
Memcachedb Memcached 1.2.8
8.8
CVSSv3
CVE-2023-41670
Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel (in person: Edward Bock) Use Memcached plugin <= 1.0.4 versions.
Palasthotel Use Memcached
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »