c.4.2.8.3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2019-05-15	CVE-2019-8936	NULL Pointer Dereference vulnerability in multiple products NTP through 4.2.8p12 has a NULL Pointer Dereference. network low complexity netapp fedoraproject opensuse hpe ntp CWE-476	7.5
2018-06-04	CVE-2016-9042	Improper Input Validation vulnerability in multiple products An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. network high complexity ntp freebsd hpe siemens CWE-20	5.9
2018-03-06	CVE-2018-7185	The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association. network low complexity ntp synology canonical netapp hpe oracle	7.5
2018-03-06	CVE-2018-7170	ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. network high complexity ntp synology netapp hpe	5.3
2017-03-27	CVE-2017-6458	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. network low complexity ntp hpe apple siemens CWE-119	8.8