Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26554
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ntp Ntp 4.2.8
NA
CVE-2023-26555
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
Ntp Ntp 4.2.8
NA
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key b...
Wireguard Wireguard 0.5.3
NA
CVE-2014-125036
A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done withi...
Ansible-ntp Project Ansible-ntp
NA
CVE-2022-36786
DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router.
Dlink Dsl-224 Firmware -
8.5
CVSSv2
CVE-2022-26019
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions before 2.6.0 and pfSense Plus software versions before 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, wh...
Netgate Pfsense Plus
Netgate Pfsense
7.5
CVSSv2
CVE-2022-26991
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted ...
Arris Sbr-ac1900p Firmware 1.0.7-b05
Arris Sbr-ac3200p Firmware 1.0.7-b05
Arris Sbr-ac1200p Firmware 1.0.5-b05
5.8
CVSSv2
CVE-2021-22212
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. Thi...
Ntpsec Ntpsec 1.2.0
Fedoraproject Fedora 34
9
CVSSv2
CVE-2021-30166
The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.
Meritlilin P2r8852e2 Firmware
Meritlilin P2r8852e4 Firmware
Meritlilin P2r6852e2 Firmware
Meritlilin P2r6852e4 Firmware
Meritlilin P2r6552e2 Firmware
Meritlilin P2r6552e4 Firmware
Meritlilin P2r6352ae2 Firmware
Meritlilin P2r6352ae4 Firmware
Meritlilin P2r3052ae2 Firmware
Meritlilin P2g1052 Firmware
Meritlilin P2r8822e2 Firmware
Meritlilin P2r8822e4 Firmware
Meritlilin P2r6822e2 Firmware
Meritlilin P2r6822e4 Firmware
Meritlilin P2r6522e2 Firmware
Meritlilin P2r6522e4 Firmware
Meritlilin P2r6322ae2 Firmware
Meritlilin P2r6322ae4 Firmware
Meritlilin P2r3022ae2 Firmware
Meritlilin P2g1022 Firmware
Meritlilin P2g1022x Firmware
Meritlilin Z2r8852ax Firmware
5
CVSSv2
CVE-2021-0227
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an malicious user to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »