Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/03/07 7:59 a.m.6 views

CVE-2026-29093

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

9.8CVSS5.7AI score0.0049EPSS
Exploits1References1
NVD
NVD
added 2026/03/06 4:16 a.m.7 views

CVE-2026-29093

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who...

9.8CVSS0.0049EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/03/05 1:22 a.m.7 views

AVideo: Unauthenticated PHP session store exposed to host network via published memcached port

Summary The official docker-compose.yml publishes the memcached service on host port 11211 0.0.0.0:11211 with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who can reach port 11211 can read, modify, or flush session data ...

9.8CVSS6.1AI score0.0049EPSS
Exploits1References4Affected Software1
Metasploit
Metasploit
added 2018/03/07 1:54 a.m.16 views

Memcached UDP Version Scanner

This module can be used to discover Memcached servers which expose the unrestricted UDP port 11211. A basic "version" request is executed to obtain the version of memcached. This module requires Metasploit: https://metasploit.com/download Current source:...

7.2AI score
Exploits0
NVD
NVD
added 2018/03/05 2:29 p.m.12 views

CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

7.5CVSS7.5AI score0.8864EPSS
Exploits3References15
OSV
OSV
added 2018/03/05 2:29 p.m.1 views

DEBIAN-CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

7.5CVSS6.8AI score0.8864EPSS
Exploits3References1
OSV
OSV
added 2018/03/05 2:29 p.m.2 views

ALPINE-CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

7.5CVSS6.9AI score0.8864EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2018/03/05 2:0 p.m.23 views

CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

7.5CVSS7.9AI score0.8864EPSS
Exploits3
OSV
OSV
added 2018/03/05 12:0 a.m.3 views

UBUNTU-CVE-2018-1000115

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume Network Amplification, CWE-406 vulnerability in the UDP support of the memcached server that can result in denial of service via network flood traffic amplification of 1:50,000 has been reported by reliable sources...

7.5CVSS7AI score0.8864EPSS
Exploits3References5
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/03/03 4:28 p.m.116 views

Our Exposed World – Old exposures, new attacks

Natasha Hellberg, Senior Threat Researcher FTR With assistance from William Gamazo Sanchez, DSLabs Within the last few days a new player has been introduced into the distribute denial of service DDoS amplification attack world and with it brings the potential for much larger DDoS attacks than wha...

6.8AI score
Exploits0
Rows per page
Query Builder