Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cups cups - vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote malicious users to bypass authentication.
Ntp Ntp 4.2.5
Ntp Ntp 4.2.8
Ntp Ntp
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 9.0
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
7.5
CVSSv2
CVE-2015-7705
The rate limiting feature in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77 allows remote malicious users to have unspecified impact via a large number of crafted requests.
Ntp Ntp 4.2.8
Ntp Ntp
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Oncommand Unified Manager -
Netapp Oncommand Performance Manager -
Citrix Xenserver 7.0
Citrix Xenserver 6.0.2
Citrix Xenserver 6.5
Citrix Xenserver 6.2.0
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
5
CVSSv2
CVE-2017-3730
In OpenSSL 1.1.0 prior to 1.1.0d, if a malicious server supplies bad parameters for a DHE or ECDHE key exchange then this can result in the client attempting to dereference a NULL pointer leading to a client crash. This could be exploited in a Denial of Service attack.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Agile Engineering Data Management 6.1.3
Oracle Agile Engineering Data Management 6.2.0
Oracle Jd Edwards World Security A9.1
Oracle Jd Edwards World Security A9.2
Oracle Jd Edwards World Security A9.3
Oracle Jd Edwards World Security A9.4
Oracle Communications Operations Monitor 3.4
Oracle Communications Operations Monitor 4.0
Oracle Communications Eagle Lnp Application Processor 10.0
Oracle Communications Eagle Lnp Application Processor 10.1
Oracle Communications Eagle Lnp Application Processor 10.2
Oracle Communications Application Session Controller 3.7.1
Oracle Communications Application Session Controller 3.8.0
1 EDB exploit
1 Github repository
1 Article
5
CVSSv2
CVE-2017-3733
During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 prior to 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.
Openssl Openssl 1.1.0c
Openssl Openssl 1.1.0b
Openssl Openssl 1.1.0d
Openssl Openssl 1.1.0
Openssl Openssl 1.1.0a
Hp Operations Agent 11.15
Hp Operations Agent 11.14
1 Github repository
10
CVSSv2
CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x prior to 2.3.32 and 2.5.x prior to 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote malicious users to execute arbitrary commands via a crafted Content-Typ...
Apache Struts 2.3.5
Apache Struts 2.3.28
Apache Struts 2.3.20.2
Apache Struts 2.3.15
Apache Struts 2.3.25
Apache Struts 2.3.14
Apache Struts 2.3.13
Apache Struts 2.3.16
Apache Struts 2.3.24.2
Apache Struts 2.3.17
Apache Struts 2.3.24.1
Apache Struts 2.3.22
Apache Struts 2.3.9
Apache Struts 2.3.16.3
Apache Struts 2.3.23
Apache Struts 2.3.6
Apache Struts 2.3.24.3
Apache Struts 2.3.15.2
Apache Struts 2.3.29
Apache Struts 2.3.14.3
Apache Struts 2.3.19
Apache Struts 2.3.20.1
2 EDB exploits
2 Nmap scripts
148 Github repositories
15 Articles
5.8
CVSSv2
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp 4.2.8
Ntp Ntp
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd 10.2
Freebsd Freebsd 10.1
Freebsd Freebsd
Netapp Oncommand Balance -
Netapp Clustered Data Ontap -
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
2.1
CVSSv2
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
Ntp Ntp 4.3.6
Ntp Ntp 4.3.2
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2
Ntp Ntp
Ntp Ntp 4.3.80
Ntp Ntp 4.3.51
Ntp Ntp 4.3.17
Ntp Ntp 4.3.30
Ntp Ntp 4.3.74
Ntp Ntp 4.3.67
Ntp Ntp 4.3.14
Ntp Ntp 4.3.27
Ntp Ntp 4.3.13
Ntp Ntp 4.3.36
Ntp Ntp 4.3.16
Ntp Ntp 4.3.35
Ntp Ntp 4.3.53
Ntp Ntp 4.3.64
Ntp Ntp 4.3.20
Ntp Ntp 4.3.40
Ntp Ntp 4.3.68
Ntp Ntp 4.3.46
Ntp Ntp 4.3.77
Ntp Ntp 4.3.1
5
CVSSv2
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
5.8
CVSSv2
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »