memcached (SUSE:Enterprise Storage 4) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Enterprise Storage 4 package memcached, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (9)
CVE-2016-8704 — CVSS 9.8 (critical): An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of…
CVE-2016-8705 — CVSS 9.8 (critical): Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached…
CVE-2016-8706 — CVSS 8.1 (high): An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary…
CVE-2017-9951 — CVSS 7.5 (high): The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation…
CVE-2011-4971 — CVSS 5.0 (medium): Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4)…
CVE-2013-7239 — CVSS 4.8 (medium): memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending…
CVE-2013-7291 — CVSS 1.8 (low): memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that…
CVE-2013-7290 — CVSS 1.8 (low): The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote…
CVE-2013-0179 — CVSS 1.8 (low): The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows…