Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp ntp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2020-9026
ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resource ping.cmd. The NTP-2 device is also affected.
Eltex-co Ntp-2 Firmware 3.25.1.1226
Eltex-co Ntp-rg-1402g Firmware 3.25.3.32
9.8
CVSSv3
CVE-2020-9027
ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the resource ping.cmd. The NTP-2 device is also affected.
Eltex-co Ntp-2 Firmware 3.25.1.1226
Eltex-co Ntp-rg-1402g Firmware 3.25.3.32
9.8
CVSSv3
CVE-2020-9020
Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands into cgi-bin/timeconfig.py via shell metacharacters in the NTP Server field.
Iteris Vantage Velocity Firmware 2.3.1
Iteris Vantage Velocity Firmware 2.4.2
Iteris Vantage Velocity Firmware 3.0
6.5
CVSSv3
CVE-2015-7851
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP prior to 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite ...
Ntp Ntp
Ntp Ntp 4.2.8
5.3
CVSSv3
CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
Ntp Ntp 4.2.7
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-iq Centralized Management 4.6.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Link Controller 11.2.1
F5 Enterprise Manager 3.1.1
F5 Big-iq Adc 4.5.0
F5 Big-iq Cloud And Orchestration 1.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-iq Centralized Management
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
6.5
CVSSv3
CVE-2015-1853
chrony prior to 1.31.1 does not properly protect state variables in authenticated symmetric NTP associations, which allows remote attackers with knowledge of NTP peering to cause a denial of service (inability to synchronize) via random timestamps in crafted NTP data packets.
Tuxfamily Chrony
7.5
CVSSv3
CVE-2019-1967
A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX-OS Software could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to excessive use of system resources when the affe...
Cisco Nx-os 8.3
Cisco Nx-os 6.2
Cisco Nx-os 7.3
Cisco Nx-os 8.1
Cisco Nx-os 8.2
Cisco Nx-os 6.0\\(2\\)u6
Cisco Nx-os 7.0\\(3\\)i
Cisco Nx-os 9.2
Cisco Nx-os 9.2\\(1\\)
Cisco Nx-os 6.0\\(2\\)a8\\(9.7\\)
Cisco Nx-os 6.0\\(2\\)a8
Cisco Nx-os 7.0\\(3\\)i7
Cisco Nx-os 7.0\\(3\\)f
Cisco Nx-os 7.1\\(4\\)n1\\(1\\)
Cisco Nx-os 7.1\\(4\\)
Cisco Nx-os 7.1\\(5\\)
Cisco Nx-os 7.2
Cisco Nx-os 8.0
Cisco Nx-os 7.3\\(2\\)d1\\(1\\)
Cisco Nx-os 8.3\\(2\\)s5
8
CVSSv3
CVE-2019-14259
On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a command injection (missing input validation) issue in the NTP server IP address field for the "Time Service Settings web" interface allows an authenticated remote attacker in the same network to trigger OS...
Polycom Obihai Obi1022 Firmware 5.1.11
7.5
CVSSv3
CVE-2019-8936
NTP up to and including 4.2.8p12 has a NULL Pointer Dereference.
Netapp Data Ontap -
Netapp Clustered Data Ontap
Fedoraproject Fedora 28
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 42.3
Opensuse Leap 15.0
Hpe Hpux-ntp
Ntp Ntp 4.2.8
Ntp Ntp
1 Github repository
9.8
CVSSv3
CVE-2018-20053
An issue exists on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
Cerner Connectivity Engine 4 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »