Lucene search
K

12 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in NTP

In NTP versions prior to 4.2.8p14 and 4.3.x before 4.3.100, remote attackers could exploit this vulnerability to cause a denial of service—resulting in the daemon exiting or the system time being changed. This was possible by predicting the transmit timestamps used in forged packets. The victim w...

7.4CVSS6.2AI score0.04071EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6032

Malware in sbrugna...

7.4CVSS6.1AI score0.04071EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/08/11 6:28 p.m.7 views

CVE-2025-53190

...

Exploits0
Vulnrichment
Vulnrichment
added 2025/08/11 6:28 p.m.3 views

CVE-2025-53190

...

6.5AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.3 views

SUSE CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...

5.9CVSS6.6AI score0.04071EPSS
Exploits0References8
OSV
OSV
added 2023/01/29 11:15 p.m.1 views

UBUNTU-CVE-2021-46873

WireGuard, such as WireGuard 0.5.3 on Windows, does not fully account for the possibility that an adversary might be able to set a victim's system time to a future value, e.g., because unauthenticated NTP is used. This can lead to an outcome in which one static private key becomes permanently...

5.3CVSS6AI score0.00472EPSS
Exploits0References3
Prion
Prion
added 2021/06/16 12:15 p.m.17 views

Code injection

Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, a...

1.9CVSS4.7AI score0.00522EPSS
Exploits1References3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/10/26 10:55 p.m.77 views

Security Bulletin: Vulnerabilities in NTPv4 affect AIX (CVE-2020-11868, CVE-2020-13817, and CVE-2020-15025)

Summary There are vulnerabilities in NTPv4 that affect AIX. Vulnerability Details CVEID: CVE-2020-15025 DESCRIPTION: NTP is vulnerable to a denial of service, caused by a memory leak when a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file in ntpd. By sending...

7.5CVSS0.2AI score0.04071EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2020/06/23 12:33 p.m.5 views

ntp: ntpd using highly predictable transmit timestamps could result in time change or DoS

A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. An attacker who can send a large number of packets with the spoofed IPv4 address of the upstream server can use...

7.4CVSS7.3AI score0.04071EPSS
Exploits0References5
OSV
OSV
added 2020/06/04 1:15 p.m.3 views

DEBIAN-CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...

7.4CVSS6AI score0.04071EPSS
Exploits0References1
CVE
CVE
added 2020/06/04 12:31 p.m.561 views

CVE-2020-13817

CVE-2020-13817 affects ntp’s ntpd prior to 4.2.8p14 and 4.3.x prior to 4.3.100. An off‑path attacker can predict transmit timestamps in spoofed UDP packets to remote ntpd, causing a DoS via daemon exit or system time change when the victim relies on unauthenticated IPv4 time sources. Connected so...

7.4CVSS7.2AI score0.04071EPSS
Exploits0References7Affected Software1
OpenVAS
OpenVAS
added 2009/01/13 12:0 a.m.27 views

Debian: Security Advisory (DSA-1702-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.6AI score0.03218EPSS
Exploits0References3
Rows per page
Query Builder