Latest CVE Feed
-
9.8
CRITICALCVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.... Read more
Affected Products : debian_linux data_ontap oncommand_balance oncommand_performance_manager oncommand_unified_manager ntp clustered_data_ontap rox_ii_firmware ruggedcom_rox_i tim_4r-ie_firmware +3 more products- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2015-7852
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7850
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-7705
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.... Read more
Affected Products : data_ontap oncommand_performance_manager oncommand_unified_manager ntp xenserver clustered_data_ontap simatic_cp_443-1_opc_ua_firmware tim_4r-ie_firmware tim_4r-ie_dnp3_firmware tim_4r-ie +1 more products- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7704
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7702
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7701
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7692
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7691
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an inc... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension.... Read more
Affected Products : yeager_cms- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.8
HIGHCVE-2015-5946
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-5244
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.... Read more
Affected Products : mod_nss- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2014-9831
coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2014-9830
coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2014-9828
coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2014-9827
coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025