Aerospike Database Server vulnerabilities
6 known vulnerabilities affecting aerospike/database_server.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH2
Vulnerabilities
Page 1 of 1
CVE-2016-9053P2CRITICALCVSS 9.8v3.10.0.32017-02-21
CVE-2016-9053 [CRITICAL] CWE-129 CVE-2016-9053: An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle typ
An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerabil
nvd
CVE-2016-9054P2CRITICALCVSS 9.8v3.10.0.32017-01-26
CVE-2016-9054 [CRITICAL] CWE-787 CVE-2016-9054: An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aer
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_list_by_set_binid resulting in remote code execution. An attacker can simply connect to the port to trigger this vul
nvd
CVE-2016-9052P2CRITICALCVSS 9.8v3.10.0.32017-01-26
CVE-2016-9052 [CRITICAL] CWE-787 CVE-2016-9052: An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aer
An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause a stack-based buffer overflow in the function as_sindex__simatch_by_iname resulting in remote code execution. An attacker can simply connect to the port to trigger this vulnerabilit
nvd
CVE-2016-9051P2CRITICALCVSS 9.8v3.10.0.32017-02-21
CVE-2016-9051 [CRITICAL] CWE-787 CVE-2016-9051: An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing funct
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerabilit
nvd
CVE-2016-9050P3HIGHCVSS 8.2v3.10.0.32017-01-26
CVE-2016-9050 [HIGH] CWE-125 CVE-2016-9050: An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality o
An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds read resulting in disclosure of memory within the process, the same vulnerability can also be used to trigger a denial of service. An attacker can simply connect t
nvd
CVE-2016-9049P3HIGHCVSS 7.5v3.10.0.32017-02-21
CVE-2016-9049 [HIGH] CWE-476 CVE-2016-9049: An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Da
An exploitable denial-of-service vulnerability exists in the fabric-worker component of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server process to dereference a null pointer. An attacker can simply connect to a TCP port in order to trigger this vulnerability.
nvd