Vulnerabilities > Memcached > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-27 | CVE-2023-46852 | Classic Buffer Overflow vulnerability in Memcached In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. | 7.5 |
2023-08-22 | CVE-2020-22570 | Command Injection vulnerability in Memcached 1.6.0/1.6.1/1.6.2 Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. | 7.5 |
2023-08-22 | CVE-2022-48571 | Resource Exhaustion vulnerability in Memcached 1.6.7 memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. | 7.5 |
2019-08-30 | CVE-2019-15026 | Out-of-bounds Read vulnerability in Memcached 1.5.16 memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | 7.5 |
2019-04-29 | CVE-2019-11596 | NULL Pointer Dereference vulnerability in multiple products In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. | 7.5 |
2017-01-06 | CVE-2016-8705 | Integer Overflow or Wraparound vulnerability in Memcached Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | 7.5 |
2017-01-06 | CVE-2016-8704 | Integer Overflow or Wraparound vulnerability in Memcached An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. | 7.5 |