Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
memcached memcached vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-35945
Couchbase Server 6.5.x, 6.6.0 up to and including 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.
Couchbase Couchbase Server
Couchbase Couchbase Server 7.0.0
5
CVSSv2
CVE-2021-35944
Couchbase Server 6.5.x, 6.6.x up to and including 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.
Couchbase Couchbase Server
Couchbase Couchbase Server 7.0.0
NA
CVE-2023-43768
An issue exists in Couchbase Server 6.6.x up to and including 7.2.0, prior to 7.1.5 and 7.2.1. Unauthenticated users may cause memcached to run out of memory via large commands.
7.1
CVSSv2
CVE-2021-2389
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi...
Oracle Mysql Server
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Active Iq Unified Manager -
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Mariadb Mariadb
NA
CVE-2023-34673
Elenos ETG150 FM transmitter running on version 3.12 exists to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases.
Elenos Etg150 Firmware 3.12
6.8
CVSSv2
CVE-2018-6340
The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30 and 3.27.4 and below).
Facebook Hhvm
Facebook Hhvm 3.30
5
CVSSv2
CVE-2014-8124
OpenStack Dashboard (Horizon) prior to 2014.1.3 and 2014.2.x prior to 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote malicious users to cause a denial of service via a large number of requests to the login page.
Openstack Horizon
Fedoraproject Fedora 21
Opensuse Opensuse 13.1
Oracle Solaris 11.2
6
CVSSv2
CVE-2014-0105
The auth_token middleware in the OpenStack Python client library for Keystone (aka python-keystoneclient) prior to 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large num...
Openstack Python-keystoneclient 0.2.3
Openstack Python-keystoneclient 0.2.2
Openstack Python-keystoneclient 0.3.0
Openstack Python-keystoneclient 0.3.1
Openstack Python-keystoneclient 0.3.2
Openstack Python-keystoneclient
Openstack Python-keystoneclient 0.2.4
7.5
CVSSv2
CVE-2021-33026
The Flask-Caching extension up to and including 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage (e.g., filesystem, Memcached, Redis, etc.), they can construct ...
Flask-caching Project Flask-caching
1 Github repository
4
CVSSv2
CVE-2021-2340
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Memcached). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Ser...
Oracle Mysql
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »