Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntp vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2017-6458
Multiple buffer overflows in the ctl_put* functions in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
Ntp Ntp 4.2.8
Ntp Ntp
Hpe Hpux-ntp
Apple Mac Os X
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
578
VMScore
CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP prior to 4.2.8p10 and 4.3.x prior to 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
Ntp Ntp 4.3.13
Ntp Ntp 4.3.14
Ntp Ntp 4.3.11
Ntp Ntp 4.3.12
Ntp Ntp 4.3.19
Ntp Ntp 4.3.2
Ntp Ntp 4.3.26
Ntp Ntp 4.3.20
Ntp Ntp 4.3.21
Ntp Ntp 4.3.29
Ntp Ntp 4.3.3
Ntp Ntp 4.3.36
Ntp Ntp 4.3.37
Ntp Ntp 4.3.43
Ntp Ntp 4.3.44
Ntp Ntp 4.3.51
Ntp Ntp 4.3.52
Ntp Ntp 4.3.59
Ntp Ntp 4.3.6
Ntp Ntp 4.3.66
Ntp Ntp 4.3.67
Ntp Ntp 4.3.74
578
VMScore
CVE-2008-3081
Multiple unspecified "input validation" vulnerabilities in the Web management interface (aka Messaging Administration interface) in Avaya Message Storage Server (MSS) 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to exe...
Avaya Messaging Storage Server 3.1
Avaya Messaging Storage Server 4.0
Avaya Messaging Storage Server 3
516
VMScore
CVE-2021-22212
ntpkeygen can generate keys that ntpd fails to parse. NTPsec 1.2.0 allows ntpkeygen to generate keys with '#' characters. ntpd then either pads, shortens the key, or fails to load these keys entirely, depending on the key type and the placement of the '#'. Thi...
Ntpsec Ntpsec 1.2.0
Fedoraproject Fedora 34
516
VMScore
CVE-2020-13817
ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. T...
Ntp Ntp
Ntp Ntp 4.2.8
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Netapp Data Ontap -
Netapp Element Software -
Netapp Hci Management Node -
Netapp Ontap Tools -
Netapp Solidfire -
Netapp Steelstore Cloud Integrated Storage -
Netapp Hci Compute Node Firmware -
Netapp H410c Firmware -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Opensuse Leap 15.1
Opensuse Leap 15.2
Fujitsu M10-1 Firmware
516
VMScore
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
Ntp Ntp 4.2.8
Siemens Tim 4r-ie Firmware
Siemens Tim 4r-ie Dnp3 Firmware
Freebsd Freebsd 9.3
Freebsd Freebsd
Freebsd Freebsd 10.1
Freebsd Freebsd 10.2
Netapp Clustered Data Ontap -
Netapp Oncommand Balance -
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
516
VMScore
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
508
VMScore
CVE-2013-5211
The monlist feature in ntp_request.c in ntpd in NTP prior to 4.2.7p26 allows remote malicious users to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
Opensuse Opensuse 11.4
Ntp Ntp 4.2.7
Ntp Ntp
Oracle Linux 6
Oracle Linux 7
1 EDB exploit
9 Github repositories
505
VMScore
CVE-2018-7182
The ctl_getitem method in ntpd in ntp-4.2.8p6 prior to 4.2.8p11 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 up to and including 4.2.8p10.
Ntp Ntp 4.2.8
Canonical Ubuntu Linux 17.10
Canonical Ubuntu Linux 18.04
Netapp Element Software -
1 EDB exploit
445
VMScore
CVE-2021-0227
An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an malicious user to cause Denial of Service (DoS) by sending certain crafted HTTP packets. Continued receipt and processing of...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »