Known Vulnerabilities for products from Ntp
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Ntp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-26555 json | praecis_parse in ntpd/refclock_palisade.c in NTP 4.2.8p15 has an out-of-bounds write. Any attack method would be complex, e.g... | 6.4 - MEDIUM | 2023-04-11 | 2023-11-07 |
| CVE-2023-26554 json | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a '\0' character. An adversary may be able... | 5.6 - MEDIUM | 2023-04-11 | 2023-04-20 |
| CVE-2023-26553 json | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when copying the trailing number. An adversary may be ... | 5.6 - MEDIUM | 2023-04-11 | 2023-04-20 |
| CVE-2023-26552 json | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write when adding a decimal point. An adversary may be able ... | 5.6 - MEDIUM | 2023-04-11 | 2023-04-20 |
| CVE-2023-26551 json | mstolfp in libntp/mstolfp.c in NTP 4.2.8p15 has an out-of-bounds write in the cp| 5.6 - MEDIUM
|
2023-04-11
|
2023-04-20
|
|
| CVE-2020-15025 json | ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consu... | 4.9 - MEDIUM | 2020-06-24 | 2023-11-07 |
| CVE-2020-13817 json | ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or sys... | 7.4 - HIGH | 2020-06-04 | 2022-03-29 |
| CVE-2020-11868 json | ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via... | 7.5 - HIGH | 2020-04-17 | 2022-04-26 |
| CVE-2019-11331 json | Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required... | 8.1 - HIGH | 2019-04-18 | 2023-11-07 |
| CVE-2019-8936 json | NTP through 4.2.8p12 has a NULL Pointer Dereference. | 7.5 - HIGH | 2019-05-15 | 2023-11-07 |
| CVE-2018-12327 json | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalat... | 9.8 - CRITICAL | 2018-06-20 | 2020-08-24 |
| CVE-2018-8956 json | ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing... | 5.3 - MEDIUM | 2020-05-06 | 2020-07-19 |
| CVE-2018-7185 json | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by conti... | 7.5 - HIGH | 2018-03-06 | 2020-08-24 |
| CVE-2018-7184 json | ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers... | 7.5 - HIGH | 2018-03-06 | 2020-08-24 |
| CVE-2018-7183 json | Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrar... | 9.8 - CRITICAL | 2018-03-08 | 2021-07-20 |
| CVE-2018-7182 json | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bo... | 7.5 - HIGH | 2018-03-06 | 2019-10-31 |
| CVE-2018-7170 json | ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to cr... | 5.3 - MEDIUM | 2018-03-06 | 2020-06-18 |
| CVE-2017-6464 json | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed... | 6.5 - MEDIUM | 2017-03-27 | 2018-04-12 |
| CVE-2017-6463 json | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via... | 6.5 - MEDIUM | 2017-03-27 | 2019-01-24 |
| CVE-2017-6462 json | Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4... | 7.8 - HIGH | 2017-03-27 | 2019-01-24 |
Known software with vulnerabilities from Ntp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Ntp | Ntp | - |