Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp ntp vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2021-22212
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. Thi...
Ntpsec Ntpsec 1.2.0
Fedoraproject Fedora 34
7.2
CVSSv3
CVE-2021-30166
The NTP Server configuration function of the IP camera device is not verified with special parameters. Remote attackers can perform a command Injection attack and execute arbitrary commands after logging in with the privileged permission.
Meritlilin P2r8852e2 Firmware
Meritlilin P2r8852e4 Firmware
Meritlilin P2r6852e2 Firmware
Meritlilin P2r6852e4 Firmware
Meritlilin P2r6552e2 Firmware
Meritlilin P2r6552e4 Firmware
Meritlilin P2r6352ae2 Firmware
Meritlilin P2r6352ae4 Firmware
Meritlilin P2r3052ae2 Firmware
Meritlilin P2g1052 Firmware
Meritlilin P2r8822e2 Firmware
Meritlilin P2r8822e4 Firmware
Meritlilin P2r6822e2 Firmware
Meritlilin P2r6822e4 Firmware
Meritlilin P2r6522e2 Firmware
Meritlilin P2r6522e4 Firmware
Meritlilin P2r6322ae2 Firmware
Meritlilin P2r6322ae4 Firmware
Meritlilin P2r3022ae2 Firmware
Meritlilin P2g1022 Firmware
Meritlilin P2g1022x Firmware
Meritlilin Z2r8852ax Firmware
7.5
CVSSv3
CVE-2021-0227
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an malicious user to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
4.8
CVSSv3
CVE-2020-25498
Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter.
Beetel 777vr1 Firmware -
1 Github repository
6.1
CVSSv3
CVE-2020-35262
Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and "Keyword" in URL Filter.
Digisol Dg-hr3400 Firmware -
1 Github repository
8.1
CVSSv3
CVE-2020-25748
A Cleartext Transmission issue exists on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. One can also modify responses from NT...
Rubetek Rv-3406 Firmware 339
Rubetek Rv-3406 Firmware 342
Rubetek Rv-3409 Firmware 339
Rubetek Rv-3409 Firmware 342
Rubetek Rv-3411 Firmware 339
Rubetek Rv-3411 Firmware 342
1 Github repository
4.9
CVSSv3
CVE-2020-15025
ntpd in ntp 4.2.8 prior to 4.2.8p15 and 4.3.x prior to 4.3.101 allows remote malicious users to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.ke...
Ntp Ntp 4.2.8
Ntp Ntp
Opensuse Leap 15.1
Opensuse Leap 15.2
Netapp Cloud Backup -
Netapp Steelstore Cloud Integrated Storage -
Netapp 8300 Firmware -
Netapp 8700 Firmware -
Netapp A400 Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Oracle Zfs Storage Appliance Kit 8.8
7.4
CVSSv3
CVE-2020-13817
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. T...
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Element Software -
Netapp Hci Management Node -
Netapp Ontap Tools -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Opensuse Leap 15.1
Opensuse Leap 15.2
Fujitsu M10-1 Firmware
5.3
CVSSv3
CVE-2018-8956
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote malicious users to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or cont...
Ntp Ntp 4.2.8
7.5
CVSSv3
CVE-2020-11868
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Ntp Ntp 4.2.8
Ntp Ntp
Redhat Enterprise Linux 7.0
Netapp Clustered Data Ontap -
Netapp Virtual Storage Console
Netapp Data Ontap -
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node Firmware -
Netapp Fabric-attached Storage 8300 Firmware -
Netapp Fabric-attached Storage 8700 Firmware -
Netapp Fabric-attached Storage A400 Firmware -
Netapp All Flash Fabric-attached Storage 8300 Firmware -
Netapp All Flash Fabric-attached Storage 8700 Firmware -
Netapp All Flash Fabric-attached Storage A400 Firmware -
Debian Debian Linux 8.0
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »