Vulnerabilities > Ntop > Ndpi > High

DATE CVE VULNERABILITY TITLE RISK
2020-07-01 CVE-2020-15475 Use After Free vulnerability in Ntop Ndpi
In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
network
low complexity
ntop CWE-416
7.5
7.5
2020-07-01 CVE-2020-15474 Out-of-bounds Write vulnerability in Ntop Ndpi
In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.
network
low complexity
ntop CWE-787
7.5
7.5
2020-04-23 CVE-2020-11939 Integer Overflow or Wraparound vulnerability in Ntop Ndpi
In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c.
network
low complexity
ntop CWE-190
7.5
7.5