Known Vulnerabilities for products from Memcached
Listed below are 19 of the newest known vulnerabilities associated with the vendor "Memcached".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46853 json | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of... | 9.8 - CRITICAL | 2023-10-27 | 2023-11-07 |
| CVE-2023-46852 json | In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many space... | 7.5 - HIGH | 2023-10-27 | 2023-11-07 |
| CVE-2022-48571 json | memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. | 7.5 - HIGH | 2023-08-22 | 2023-09-08 |
| CVE-2021-37519 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.5 - MEDIUM | 2023-02-03 | 2023-02-10 |
| CVE-2020-22570 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-08-22 | 2023-08-25 |
| CVE-2020-10931 json | Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protoco... | 7.5 - HIGH | 2020-03-24 | 2020-03-27 |
| CVE-2019-15026 json | memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. | 7.5 - HIGH | 2019-08-30 | 2023-11-07 |
| CVE-2019-11596 json | In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a... | 7.5 - HIGH | 2019-04-29 | 2023-11-07 |
| CVE-2018-1000127 json | memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data c... | 7.5 - HIGH | 2018-03-13 | 2020-08-24 |
| CVE-2018-1000115 json | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerabi... | 7.5 - HIGH | 2018-03-05 | 2021-08-04 |
| CVE-2017-9951 json | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service ... | 7.5 - HIGH | 2017-07-17 | 2019-10-03 |
| CVE-2016-8706 json | An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memca... | 8.1 - HIGH | 2017-01-06 | 2022-04-19 |
| CVE-2016-8705 json | Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands... | 9.8 - CRITICAL | 2017-01-06 | 2022-04-19 |
| CVE-2016-8704 json | An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple com... | 9.8 - CRITICAL | 2017-01-06 | 2022-04-19 |
| CVE-2013-7291 json | memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a req... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2013-7290 json | The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2013-7239 json | memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials,... | 4.8 - MEDIUM | 2014-01-13 | 2018-03-25 |
| CVE-2013-0179 json | The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose m... | 1.8 - LOW | 2014-01-13 | 2018-03-25 |
| CVE-2011-4971 json | Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_upda... | 5 - MEDIUM | 2013-12-12 | 2018-03-25 |
Known software with vulnerabilities from Memcached
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Memcached | Memcached | 1.2.7 |