Vulnerabilities > Aerospike > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-08-04 CVE-2023-36480 Deserialization of Untrusted Data vulnerability in Aerospike Java Client
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server.
network
low complexity
aerospike CWE-502
critical
9.8
2020-08-05 CVE-2020-13151 OS Command Injection vulnerability in Aerospike Server
Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query.
network
low complexity
aerospike CWE-78
critical
9.8
2017-02-21 CVE-2016-9053 Improper Validation of Array Index vulnerability in Aerospike Database Server 3.10.0.3
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3.
network
low complexity
aerospike CWE-129
critical
9.8
2017-02-21 CVE-2016-9051 Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3.
network
low complexity
aerospike CWE-787
critical
9.8
2017-01-26 CVE-2016-9054 Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3.
network
low complexity
aerospike CWE-787
critical
9.8
2017-01-26 CVE-2016-9052 Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3.
network
low complexity
aerospike CWE-787
critical
9.8