The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation. Rated low severity (CVSS 1.8). Public exploit code available and no vendor patch available.
memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an. Rated low severity (CVSS 1.8). Public exploit code available.
The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a. Rated low severity (CVSS 1.8). Public exploit code available.
memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass Active Directory (AD) authentication by entering only a DIGIPASS one-time password, instead of the. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.