Filtered by vendor Net-snmp Subscriptions
Total 29 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-5621 2 Net-snmp, Redhat 2 Net-snmp, Enterprise Linux 2024-08-06 N/A
The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind variable in a netsnmp_variable_list item when parsing of the SNMP PDU fails, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
CVE-2018-1000116 3 Debian, Net-snmp, Redhat 3 Debian Linux, Net-snmp, Enterprise Linux 2024-08-05 N/A
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
CVE-2018-18066 3 Net-snmp, Netapp, Redhat 9 Net-snmp, Cloud Backup, Data Ontap and 6 more 2024-08-05 N/A
snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2018-18065 5 Canonical, Debian, Net-snmp and 2 more 10 Ubuntu Linux, Debian Linux, Net-snmp and 7 more 2024-08-05 N/A
_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2019-20892 3 Net-snmp, Oracle, Redhat 3 Net-snmp, Zfs Storage Appliance Kit, Enterprise Linux 2024-08-05 6.5 Medium
net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.
CVE-2020-15862 4 Canonical, Net-snmp, Netapp and 1 more 11 Ubuntu Linux, Net-snmp, Cloud Backup and 8 more 2024-08-04 7.8 High
Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
CVE-2020-15861 3 Canonical, Net-snmp, Netapp 5 Ubuntu Linux, Net-snmp, Cloud Backup and 2 more 2024-08-04 7.8 High
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.
CVE-2022-44792 4 Debian, Net-snmp, Netapp and 1 more 11 Debian Linux, Net-snmp, H300s and 8 more 2024-08-03 6.5 Medium
handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.
CVE-2022-44793 4 Debian, Net-snmp, Netapp and 1 more 11 Debian Linux, Net-snmp, H300s and 8 more 2024-08-03 6.5 Medium
handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.