Libevent Project Libevent — known CVE vulnerabilities
Every CVE whose affected-product data names Libevent Project Libevent, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2016-10195 — CVSS 9.8 (critical): The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving…
CVE-2014-6272 — CVSS 7.5 (high): Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow…
CVE-2015-6525 — CVSS 7.5 (high): Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent…
CVE-2016-10196 — CVSS 7.5 (high): Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause…
CVE-2016-10197 — CVSS 7.5 (high): The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read)…