Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2015-1924

Malware in sbrugna...

4.3CVSS6.2AI score0.00729EPSS
Exploits0References33
Cvelist
Cvelistadded 2016/07/05 1:0 a.m.27 views

CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

7.3AI score0.03873EPSS
Exploits0References35
Talos
Talosadded 2016/04/26 12:0 a.m.57 views

Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability

SUMMARY An off-path attacker can cause a preemptible client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. Furthermore, if the attacker keeps sending cryp...

5.3CVSS7.4AI score0.03664EPSS
Exploits2
Mageia
Mageiaadded 2015/04/15 9:1 a.m.39 views

Updated ntp packages fix security vulnerabilities

Updated ntp packages fix security vulnerabilities: The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting th...

4.3CVSS6.2AI score0.00729EPSS
Exploits0References2
Prion
Prionadded 2015/04/08 10:59 a.m.20 views

Design/Logic Flaw

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...

4.3CVSS6.7AI score0.00729EPSS
Exploits0References24Affected Software1
Cvelist
Cvelistadded 2015/04/08 10:0 a.m.26 views

CVE-2015-1799

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...

5.6AI score0.00729EPSS
Exploits0References24
ArchLinux
ArchLinuxadded 2014/12/22 12:0 a.m.60 views

ntp: multiple issues

Keys explicitly generated by "ntp-keygen -M" should be regenerated. - CVE-2014-9293 weak key generation ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd or to exploit other vulnerabilities. - CVE-2014-9294 weak k...

7.5CVSS6.6AI score0.57272EPSS
Exploits4References8
Rows per page
Query Builder