Known Vulnerabilities for products from Memcached
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Memcached".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-37519 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-02-03 | 2023-02-10 |
| CVE-2020-22570 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-08-22 | 2023-08-25 |
| CVE-2020-10931 | Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protoco... | 7.5 - HIGH | 2020-03-24 | 2020-03-27 |
| CVE-2019-15026 | memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | 7.5 - HIGH | 2019-08-30 | 2023-11-07 |
| CVE-2019-11596 | In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a... | 7.5 - HIGH | 2019-04-29 | 2023-11-07 |
| CVE-2018-1000127 | memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data c... | 7.5 - HIGH | 2018-03-13 | 2020-08-24 |
| CVE-2018-1000115 | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerabi... | 7.5 - HIGH | 2018-03-05 | 2021-08-04 |
| CVE-2017-9951 | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service ... | 7.5 - HIGH | 2017-07-17 | 2019-10-03 |
| CVE-2016-8706 | An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memca... | 8.1 - HIGH | 2017-01-06 | 2022-04-19 |
| CVE-2016-8705 | Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands... | 9.8 - CRITICAL | 2017-01-06 | 2022-04-19 |
| CVE-2016-8704 | An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple com... | 9.8 - CRITICAL | 2017-01-06 | 2022-04-19 |
| CVE-2013-7291 | memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a req... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2013-7290 | The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2013-7239 | memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials,... | 4.8 - MEDIUM | 2014-01-13 | 2018-03-25 |
| CVE-2013-0179 | The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose m... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2011-4971 | Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_upda... | 5 - MEDIUM | 2013-12-12 | 2018-03-25 |
Known software with vulnerabilities from Memcached
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Memcached | Memcached | 1.2.7 |