CVE-2025-37996 KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort()

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...

PT-2025-23155 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the KVM Kernel-based Virtual Machine for arm64 architecture. The issue was caused by an uninitialized memcache...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized memcache pointer in usermemabort...

CVE-2010-5275

Cross-site scripting XSS vulnerability in memcacheadmin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2010-5276

The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcacheadmin, which might "lead to a role change not being recognized until the user logs in again."...

RHEL 6 : openstack-keystone (RHSA-2013:1285)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:1285 advisory. The openstack-keystone packages provide Keystone, a Python implementation of the OpenStack identity service API, which provides Identity, Token,...

The vulnerability of the Memcached component of cloud software for creating and using Nextcloud data storage allows a attacker to cause a service failure.

The vulnerability of the Memcached component in cloud software for creating and using a data storage service for Nextcloud is related to the use of Memcached as memcache.distributed. Limiting the server’s performance may unexpectedly cause the performance counter to be reset earlier than expected...

SUSE CVE-2023-45148

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgra...

CVE-2023-45148 Rate limiter not working reliable when Memcached is installed in Nextcloud

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgra...

PT-2023-6442 · Nextcloud +2 · Nextcloud +2

Name of the Vulnerable Software and Affected Versions: Nextcloud versions prior to 25.0.11 Nextcloud versions prior to 26.0.6 Nextcloud versions prior to 27.1.0 Description: The issue is related to the use of Memcached as memcache.distributed in Nextcloud, which can cause the rate limiting on the...

SUSE CVE-2013-2166

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass...

SUSE CVE-2013-2167

python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass...

SUSE CVE-2014-0105

The authtoken middleware in the OpenStack Python client library for Keystone aka python-keystoneclient before 0.7.0 does not properly retrieve user tokens from memcache, which allows remote authenticated users to gain privileges in opportunistic circumstances via a large number of requests, relat...

SUSE CVE-2014-2237

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...

SUSE CVE-2020-8165

A deserialization of untrusted data vulnernerability exists in rails 5.2.4.3, rails 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...

VulnCheck KEV: CVE-2022-27924

Synacor Zimbra Collaboration Suite ZCS allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries...

Synacor Zimbra Collaboration Suite (ZCS) Command Injection Vulnerability

Synacor Zimbra Collaboration Suite ZCS allows an attacker to inject memcache commands into a targeted instance which causes an overwrite of arbitrary cached entries...

Zimbra Collaboration Server 8.8.x < 8.8.15 Patch 31 / 9.0.0 < 9.0.0 Patch 24 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by a multiple vulnerabilities, including the following: - A vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance. These memcache commands becomes...

Vulnerability in Zimbra that steals clear-text credentials from users

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A new vulnerability in Zimbra allows an attacker to steal cleartext credentials from instances via Memcache injection. Over 200,000 users logged in can be impacted by the security flaw...

GHSA-23X9-8HXR-978C OpenStack Identity (Keystone) Trustee token revocations does not work with memcache backend

The memcache token backend in OpenStack Identity Keystone 2013.1 through 2.013.1.4, 2013.2 through 2013.2.2, and icehouse before icehouse-3, when issuing a trust token with impersonation enabled, does not include this token in the trustee's token-index-list, which prevents the token from being...