Known Vulnerabilities for products from Openslp
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Openslp".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2019-5544 | OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this... | 9.8 - CRITICAL | 2019-12-06 | 2023-11-07 |
| CVE-2017-17833 | OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as... | 9.8 - CRITICAL | 2018-04-23 | 2020-05-15 |
| CVE-2016-7567 | Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unsp... | 9.8 - CRITICAL | 2017-01-23 | 2020-04-29 |
| CVE-2016-4912 | The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer ... | 7.5 - HIGH | 2017-03-27 | 2017-07-11 |
| CVE-2015-5177 | Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to c... | 7.5 - HIGH | 2017-10-22 | 2017-11-07 |
| CVE-2012-4428 | openslp: SLPIntersectStringList()' Function has a DoS vulnerability | 7.5 - HIGH | 2019-12-02 | 2019-12-16 |
| CVE-2010-3609 | The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 1647, as used in Service Loc... | 5 - MEDIUM | 2011-03-11 | 2018-10-10 |
| CVE-2005-0769 | Multiple buffer overflows in OpenSLP before 1.1.5 allow remote attackers to have an unknown impact via malformed SLP packets. | 7.5 - HIGH | 2005-05-02 | 2018-10-19 |
| CVE-2003-0875 | Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitr... | 2.1 - LOW | 2003-11-17 | 2016-10-18 |
Known software with vulnerabilities from Openslp
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Openslp | Openslp | 0.6.1 |