Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp ntp vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-26551
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp<cpdec while loop. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ntp Ntp 4.2.8
NA
CVE-2023-26552
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ntp Ntp 4.2.8
NA
CVE-2023-26553
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ntp Ntp 4.2.8
NA
CVE-2023-26554
mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able to attack a client ntpq process, but cannot attack ntpd.
Ntp Ntp 4.2.8
NA
CVE-2023-26555
praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g., with a manipulated GPS receiver.
Ntp Ntp 4.2.8
NA
CVE-2021-46873
WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key b...
Wireguard Wireguard 0.5.3
NA
CVE-2014-125036
A vulnerability, which was classified as problematic, has been found in drybjed ansible-ntp. Affected by this issue is some unknown functionality of the file meta/main.yml. The manipulation leads to insufficient control of network message volume. The attack can only be done withi...
Ansible-ntp Project Ansible-ntp
NA
CVE-2022-36786
DLINK - DSL-224 Post-auth RCE. DLINK router version 3.0.8 has an interface where you can configure NTP servers (Network Time Protocol) via jsonrpc API. It is possible to inject a command through this interface that will run with ROOT permissions on the router.
Dlink Dsl-224 Firmware -
756
VMScore
CVE-2022-26019
Improper access control vulnerability in pfSense CE and pfSense Plus (pfSense CE software versions before 2.6.0 and pfSense Plus software versions before 22.01) allows a remote attacker with the privilege to change NTP GPS settings to rewrite existing files on the file system, wh...
Netgate Pfsense Plus
Netgate Pfsense
668
VMScore
CVE-2022-26991
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted ...
Arris Sbr-ac1900p Firmware 1.0.7-b05
Arris Sbr-ac3200p Firmware 1.0.7-b05
Arris Sbr-ac1200p Firmware 1.0.5-b05
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »