Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2018-18638
A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network malicious users to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.
Neatorobotics Botvac Connected Firmware 2.2.0
7.5
CVSSv2
CVE-2018-20053
An issue exists on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
Cerner Connectivity Engine 4 Firmware
NA
CVE-2023-33013
A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01(ABIR.1)C0 could allow an authenticated malicious user to execute some OS commands remotely by sending a crafted HTTP request.
Zyxel Nbg6604 Firmware 1.01\\(abir.1\\)c0
5
CVSSv2
CVE-2014-9576
VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of (1) ArpaRomaWi for the root Postgres account and !DVService for the (2) postgres and (3) NTP Windows user accounts, which allows remote malicious users to obtain access.
Vdgsecurity Vdg Sense 2.3.13
NA
CVE-2023-3036
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote malicious user to trigger a panic by sending an NTSAuthenticator packet with extension lengt...
Cloudflare Cfnts
6.5
CVSSv2
CVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
6.5
CVSSv2
CVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x prior to 4.2.8p4, and 4.3.x prior to 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Oncommand Balance -
Netapp Oncommand Performance Manager -
Netapp Oncommand Unified Manager -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
5
CVSSv2
CVE-2014-3309
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote malicious users to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj663...
Cisco Ios Xe -
Cisco Ios -
10
CVSSv2
CVE-2006-3628
Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote malicious users to cause a denial of service and possibly execute arbitrary code via the (1) ANSI MAP, (2) Checkpoint FW-1, (3) MQ, (4) XML, and (5) NTP dissectors.
Ethereal Group Ethereal 0.10.1
Ethereal Group Ethereal 0.10.10
Ethereal Group Ethereal 0.10.4
Ethereal Group Ethereal 0.10.5
Ethereal Group Ethereal 0.10.6
Wireshark Wireshark 0.10.4
Wireshark Wireshark 0.99
Ethereal Group Ethereal 0.10.11
Ethereal Group Ethereal 0.10.12
Ethereal Group Ethereal 0.10.7
Ethereal Group Ethereal 0.10.8
Wireshark Wireshark 0.99.1
Ethereal Group Ethereal 0.10.0
Ethereal Group Ethereal 0.10.0a
Ethereal Group Ethereal 0.10.2
Ethereal Group Ethereal 0.10.3
Wireshark Wireshark 0.10
Wireshark Wireshark 0.10.13
Ethereal Group Ethereal 0.10
Ethereal Group Ethereal 0.10.13
Ethereal Group Ethereal 0.10.14
Ethereal Group Ethereal 0.10.9
5
CVSSv2
CVE-2006-0375
Advantage Century Telecommunication (ACT) P202S IP Phone 1.01.21 running firmware 1.1.21 on VxWorks uses a hardcoded Network Time Protocol (NTP) server in Taiwan, which could allow remote malicious users to provide false time information, block access to time information, or cond...
Advantage Century Telecommunication P202s 1.01.21 Firmware 1.1.21
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »