Memcached
1- 27 CVEs
Recent CVEs
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8704 | | Cri | 0.66 | 9.8 | 0.23 | | Jan 6, 2017 | An integer overflow in the process_bin_append_prepend function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. |
| CVE-2016-8705 | | Cri | 0.65 | 9.8 | 0.20 | | Jan 6, 2017 | Multiple integer overflows in process_bin_update function in Memcached, which is responsible for processing multiple commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. |
| CVE-2016-8706 | | Hig | 0.56 | 8.1 | 0.46 | | Jan 6, 2017 | An integer overflow in process_bin_sasl_auth function in Memcached, which is responsible for authentication commands of Memcached binary protocol, can be abused to cause heap overflow and lead to remote code execution. |
| CVE-2017-9951 | | Hig | 0.49 | 7.5 | 0.04 | | Jul 17, 2017 | The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read.… |
| CVE-2026-47784 | | Hig | 0.46 | 8.1 | 0.01 | | May 20, 2026 | In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass. |
| CVE-2026-47783 | | Hig | 0.46 | 8.1 | 0.01 | | May 20, 2026 | In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as a valid username is found by sasl_server_userdb_checkpass. |
| CVE-2018-1000115 | | Hig | 0.10 | 7.5 | 0.89 | | Mar 5, 2018 | Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial of service via network flood (traffic amplification of 1:50,000 has been… |
| CVE-2011-4971 | | | 0.05 | — | 0.22 | | Dec 12, 2013 | Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large… |
| CVE-2020-10931 | | | 0.02 | — | 0.28 | | Mar 24, 2020 | Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c. |
| CVE-2022-26635 | | | 0.01 | — | 0.21 | | Apr 5, 2022 | PHP-Memcached v2.2.0 and below contains an improper NULL termination which allows attackers to execute CRLF injection. Note: Third parties have disputed this as not affecting PHP-Memcached directly. |
| CVE-2009-2415 | | | 0.01 | — | 0.07 | | Aug 10, 2009 | Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows. |
| CVE-2023-46853 | | | 0.00 | — | 0.01 | | Oct 27, 2023 | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. |
| CVE-2023-46852 | | | 0.00 | — | 0.01 | | Oct 27, 2023 | In Memcached before 1.6.22, a buffer overflow exists when processing multiget requests in proxy mode, if there are many spaces after the "get" substring. |
| CVE-2022-48571 | | | 0.00 | — | 0.01 | | Aug 22, 2023 | memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP. |
| CVE-2020-22570 | | | 0.00 | — | 0.01 | | Aug 22, 2023 | Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. |
| CVE-2021-37519 | | | 0.00 | — | 0.00 | | Feb 3, 2023 | Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authentication file. |
| CVE-2020-35197 | | | 0.00 | — | 0.02 | | Dec 17, 2020 | The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank… |
| CVE-2019-15026 | | | 0.00 | — | 0.03 | | Aug 30, 2019 | memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer over-read in conn_to_str in memcached.c. |
| CVE-2019-11596 | | | 0.00 | — | 0.03 | | Apr 29, 2019 | In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c. |
| CVE-2018-1000127 | | Hig | 0.00 | 7.5 | 0.02 | | Mar 13, 2018 | memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to… |