Aggregates CVE and security vulnerability intelligence across all memcachedb-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk path handling and vendor risk input validation, with potential vendor impact file overwrite and vendor impact unexpected behavior across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2010-1152 | memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon hang or crash) via a long line that triggers excessive memory allocation. NOTE: some of these details are obtained from third party information. | [email protected] | 5.0 | 22.72% | 2010-04-12 | 2026-04-29 |
| CVE-2009-2415 | Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows. | [email protected] | 10.0 | 12.08% | 2009-08-10 | 2026-04-23 |
| CVE-2009-1494 | The process_stat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port. | [email protected] | 5.0 | 0.52% | 2009-04-30 | 2026-04-23 |
| CVE-2009-1255 | The process_stat function in (1) Memcached before 1.2.8 and (2) MemcacheDB 1.2.0 discloses (a) the contents of /proc/self/maps in response to a stats maps command and (b) memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such as the locations of memory regions, and defeat ASLR protection, by sending a command to the daemon's TCP port. | [email protected] | 5.0 | 2.08% | 2009-04-30 | 2026-04-23 |