VYPR
Vendor

Aerospike

Products
3
CVEs
7
Across products
7
Status
Private

Products

3

Recent CVEs

7
  • CVE-2016-9053CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.07

    An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code…

  • CVE-2016-9051CriFeb 21, 2017
    risk 0.64cvss 9.8epss 0.07

    An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution.…

  • CVE-2016-9054CriJan 26, 2017
    risk 0.64cvss 9.8epss 0.08

    An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code…

  • CVE-2016-9052CriJan 26, 2017
    risk 0.64cvss 9.8epss 0.08

    An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution.…

  • CVE-2016-9050HigJan 26, 2017
    risk 0.54cvss 8.2epss 0.03

    An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can…

  • CVE-2016-9049HigFeb 21, 2017
    risk 0.49cvss 7.5epss 0.03

    An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger…

  • CVE-2023-36480Aug 4, 2023
    risk 0.00cvss epss 0.02

    The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to versions 7.0.0, 6.2.0, 5.2.0, and 4.5.0 some of the messages received from the server contain Java objects that the client deserializes when it…