Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Memcached
(Memcached)| Repositories | https://github.com/memcached/memcached |
| #Vulnerabilities | 19 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-04-29 | CVE-2019-11596 | In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. | Ubuntu_linux, Memcached | 7.5 | ||
| 2019-08-30 | CVE-2019-15026 | memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | Memcached | 7.5 | ||
| 2023-10-27 | CVE-2023-46852 | In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. | Memcached | 7.5 | ||
| 2023-10-27 | CVE-2023-46853 | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. | Memcached | 9.8 | ||
| 2023-08-22 | CVE-2022-48571 | memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. | Memcached | 7.5 | ||
| 2023-08-22 | CVE-2020-22570 | Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. | Memcached | 7.5 | ||
| 2023-02-03 | CVE-2021-37519 | Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file. | Memcached | 5.5 | ||
| 2017-01-06 | CVE-2016-8704 | An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | Memcached | 9.8 | ||
| 2017-01-06 | CVE-2016-8705 | Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | Memcached | 9.8 | ||
| 2017-01-06 | CVE-2016-8706 | An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | Memcached | 8.1 |