Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
memcached memcached vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-10931
Memcached 1.6.x prior to 1.6.2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
Memcached Memcached
7.5
CVSSv3
CVE-2020-22570
Memcached 1.6.0 prior to 1.6.3 allows remote malicious users to cause a denial of service (daemon crash) via a crafted meta command.
Memcached Memcached
5.5
CVSSv3
CVE-2021-37519
Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows malicious users to cause a denial of service via crafted authenticattion file.
Memcached Memcached 1.6.9
7.5
CVSSv3
CVE-2019-15026
memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c.
Memcached Memcached 1.5.16
7.5
CVSSv3
CVE-2022-48571
memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.
Memcached Memcached 1.6.7
NA
CVE-2009-2415
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote malicious users to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows.
Memcachedb Memcached 1.1.12
Memcachedb Memcached 1.2.2
9.8
CVSSv3
CVE-2022-26635
PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows malicious users to execute CLRF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly.
Php Memcached
7.5
CVSSv3
CVE-2019-11596
In memcached prior to 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.
Memcached Memcached
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
NA
CVE-2009-1494
The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote malicious users to obtain potentially sensitive information by sending this command to the daemon's TCP port.
Memcachedb Memcached 1.2.8
8.8
CVSSv3
CVE-2023-41670
Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel (in person: Edward Bock) Use Memcached plugin <= 1.0.4 versions.
Palasthotel Use Memcached
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »