Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2020-9027
ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.
Eltex-co Ntp-2 Firmware 3.25.1.1226
Eltex-co Ntp-rg-1402g Firmware 3.25.3.32
3.5
CVSSv2
CVE-2015-7851
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP prior to 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite ...
Ntp Ntp
Ntp Ntp 4.2.8
5
CVSSv2
CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
Ntp Ntp 4.2.7
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-iq Centralized Management 4.6.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Link Controller 11.2.1
F5 Enterprise Manager 3.1.1
F5 Big-iq Adc 4.5.0
F5 Big-iq Cloud And Orchestration 1.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-iq Centralized Management
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
4
CVSSv2
CVE-2015-1853
chrony prior to 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
Tuxfamily Chrony
7.8
CVSSv2
CVE-2019-1967
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affe...
Cisco Nx-os 8.3
Cisco Nx-os 6.2
Cisco Nx-os 7.3
Cisco Nx-os 8.1
Cisco Nx-os 8.2
Cisco Nx-os 6.0\\(2\\)u6
Cisco Nx-os 7.0\\(3\\)i
Cisco Nx-os 9.2
Cisco Nx-os 9.2\\(1\\)
Cisco Nx-os 6.0\\(2\\)a8\\(9.7\\)
Cisco Nx-os 6.0\\(2\\)a8
Cisco Nx-os 7.0\\(3\\)i7
Cisco Nx-os 7.0\\(3\\)f
Cisco Nx-os 7.1\\(4\\)n1\\(1\\)
Cisco Nx-os 7.1\\(4\\)
Cisco Nx-os 7.1\\(5\\)
Cisco Nx-os 7.2
Cisco Nx-os 8.0
Cisco Nx-os 7.3\\(2\\)d1\\(1\\)
Cisco Nx-os 8.3\\(2\\)s5
7.7
CVSSv2
CVE-2019-14259
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS...
Polycom Obihai Obi1022 Firmware 5.1.11
5
CVSSv2
CVE-2019-8936
NTP up to and including 4.2.8p12 has a NULL Pointer Dereference.
Netapp Data Ontap -
Netapp Clustered Data Ontap
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 42.3
Opensuse Leap 15.0
Hpe Hpux-ntp
Ntp Ntp 4.2.8
Ntp Ntp
1 Github repository
7.5
CVSSv2
CVE-2018-20053
An issue exists on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
Cerner Connectivity Engine 4 Firmware
6.8
CVSSv2
CVE-2019-11331
Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote malicious users to conduct off-path attacks.
Ntp Ntp -
9.3
CVSSv2
CVE-2018-18638
A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network malicious users to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.
Neatorobotics Botvac Connected Firmware 2.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »