{"url":"http://public2.vulnerablecode.io/api/packages/120566?format=json","purl":"pkg:rpm/redhat/ntp@4.2.6p5-2?arch=el6_5","type":"rpm","namespace":"redhat","name":"ntp","version":"4.2.6p5-2","qualifiers":{"arch":"el6_5"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47094?format=json","vulnerability_id":"VCID-3fbv-65rm-9fdj","summary":"Multiple vulnerabilities have been found in NTP, the worst of which\n    could result in remote execution of arbitrary code.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0541.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0541.html"},{"reference_url":"http://bk1.ntp.org/ntp-dev/ntpd/ntp_config.c?PAGE=diffs&REV=4b6089c5KXhXqZqocF0DMXnQQsjOuw","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/ntpd/ntp_config.c?PAGE=diffs&REV=4b6089c5KXhXqZqocF0DMXnQQsjOuw"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2665","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2665"},{"reference_url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9293.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9293.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9293","reference_id":"","reference_type":"","scores":[{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96881","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96893","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96907","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.9691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.9692","published_at":"2026-04-16T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96924","published_at":"2026-04-18T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96927","published_at":"2026-04-21T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96926","published_at":"2026-04-24T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96928","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296"},{"reference_url":"http://secunia.com/advisories/62209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62209"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd"},{"reference_url":"http://support.ntp.org/bin/view/Main/SecurityNotice","reference_id":"","reference_type":"","scores":[],"url":"http://support.ntp.org/bin/view/Main/SecurityNotice"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8"},{"reference_url":"http://www.kb.cert.org/vuls/id/852879","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/852879"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.securityfocus.com/bid/71757","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71757"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176032","reference_id":"1176032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176032"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576","reference_id":"773576","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9293","reference_id":"CVE-2014-9293","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9293"},{"reference_url":"https://security.gentoo.org/glsa/201412-34","reference_id":"GLSA-201412-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2024","reference_id":"RHSA-2014:2024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2025","reference_id":"RHSA-2014:2025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0104","reference_id":"RHSA-2015:0104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0104"},{"reference_url":"https://usn.ubuntu.com/2449-1/","reference_id":"USN-2449-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2449-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9293"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3fbv-65rm-9fdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47097?format=json","vulnerability_id":"VCID-ayuz-q3ht-akdd","summary":"Multiple vulnerabilities have been found in NTP, the worst of which\n    could result in remote execution of arbitrary code.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0541.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0541.html"},{"reference_url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548ad06feXHK1HlZoY-WZVyynwvwAg","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548ad06feXHK1HlZoY-WZVyynwvwAg"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2670","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2670"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9296.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9296","reference_id":"","reference_type":"","scores":[{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96147","published_at":"2026-04-29T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96093","published_at":"2026-04-01T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.961","published_at":"2026-04-02T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96107","published_at":"2026-04-04T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96112","published_at":"2026-04-07T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96126","published_at":"2026-04-09T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96138","published_at":"2026-04-16T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96143","published_at":"2026-04-18T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96144","published_at":"2026-04-21T12:55:00Z"},{"value":"0.24613","scoring_system":"epss","scoring_elements":"0.96146","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296"},{"reference_url":"http://secunia.com/advisories/62209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62209"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd"},{"reference_url":"http://support.ntp.org/bin/view/Main/SecurityNotice","reference_id":"","reference_type":"","scores":[],"url":"http://support.ntp.org/bin/view/Main/SecurityNotice"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8"},{"reference_url":"http://www.kb.cert.org/vuls/id/852879","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/852879"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.securityfocus.com/bid/71758","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176040","reference_id":"1176040","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176040"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576","reference_id":"773576","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9296","reference_id":"CVE-2014-9296","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9296"},{"reference_url":"https://security.gentoo.org/glsa/201412-34","reference_id":"GLSA-201412-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2024","reference_id":"RHSA-2014:2024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0104","reference_id":"RHSA-2015:0104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0104"},{"reference_url":"https://usn.ubuntu.com/2449-1/","reference_id":"USN-2449-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2449-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9296"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayuz-q3ht-akdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47096?format=json","vulnerability_id":"VCID-hgnp-2jmj-cugx","summary":"Multiple vulnerabilities have been found in NTP, the worst of which\n    could result in remote execution of arbitrary code.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0541.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0541.html"},{"reference_url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA"},{"reference_url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg"},{"reference_url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2667","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2667"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2668","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2668"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2669","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2669"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html"},{"reference_url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9295.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9295.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9295","reference_id":"","reference_type":"","scores":[{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.9816","published_at":"2026-04-29T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98134","published_at":"2026-04-01T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98137","published_at":"2026-04-02T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.9814","published_at":"2026-04-04T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98142","published_at":"2026-04-07T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98146","published_at":"2026-04-08T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98147","published_at":"2026-04-09T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.9815","published_at":"2026-04-11T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98151","published_at":"2026-04-13T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98156","published_at":"2026-04-24T12:55:00Z"},{"value":"0.57272","scoring_system":"epss","scoring_elements":"0.98159","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296"},{"reference_url":"http://secunia.com/advisories/62209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62209"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783"},{"reference_url":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes","reference_id":"","reference_type":"","scores":[],"url":"https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd"},{"reference_url":"http://support.ntp.org/bin/view/Main/SecurityNotice","reference_id":"","reference_type":"","scores":[],"url":"http://support.ntp.org/bin/view/Main/SecurityNotice"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8"},{"reference_url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm","reference_id":"","reference_type":"","scores":[],"url":"http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm"},{"reference_url":"http://www.kb.cert.org/vuls/id/852879","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/852879"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.securityfocus.com/bid/71761","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71761"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176037","reference_id":"1176037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176037"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576","reference_id":"773576","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9295","reference_id":"CVE-2014-9295","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9295"},{"reference_url":"https://security.gentoo.org/glsa/201412-34","reference_id":"GLSA-201412-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2024","reference_id":"RHSA-2014:2024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2025","reference_id":"RHSA-2014:2025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0104","reference_id":"RHSA-2015:0104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0104"},{"reference_url":"https://usn.ubuntu.com/2449-1/","reference_id":"USN-2449-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2449-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9295"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgnp-2jmj-cugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47095?format=json","vulnerability_id":"VCID-rx8v-vhpd-ykg2","summary":"Multiple vulnerabilities have been found in NTP, the worst of which\n    could result in remote execution of arbitrary code.","references":[{"reference_url":"http://advisories.mageia.org/MGASA-2014-0541.html","reference_id":"","reference_type":"","scores":[],"url":"http://advisories.mageia.org/MGASA-2014-0541.html"},{"reference_url":"http://bk1.ntp.org/ntp-dev/util/ntp-keygen.c?PAGE=diffs&REV=4eae1b72298KRoBQmX-y8URCiRPH5g","reference_id":"","reference_type":"","scores":[],"url":"http://bk1.ntp.org/ntp-dev/util/ntp-keygen.c?PAGE=diffs&REV=4eae1b72298KRoBQmX-y8URCiRPH5g"},{"reference_url":"http://bugs.ntp.org/show_bug.cgi?id=2666","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.ntp.org/show_bug.cgi?id=2666"},{"reference_url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142469153211996&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142590659431171&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=142853370924302&w=2"},{"reference_url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144182594518755&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2014-2025.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-0104.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9294.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9294.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9294","reference_id":"","reference_type":"","scores":[{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96881","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96888","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96893","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96898","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96907","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.9691","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96912","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.9692","published_at":"2026-04-16T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96924","published_at":"2026-04-18T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96927","published_at":"2026-04-21T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96926","published_at":"2026-04-24T12:55:00Z"},{"value":"0.33271","scoring_system":"epss","scoring_elements":"0.96928","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296"},{"reference_url":"http://secunia.com/advisories/62209","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/62209"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232"},{"reference_url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783","reference_id":"","reference_type":"","scores":[],"url":"https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103","reference_id":"","reference_type":"","scores":[],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10103"},{"reference_url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd","reference_id":"","reference_type":"","scores":[],"url":"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd"},{"reference_url":"http://support.ntp.org/bin/view/Main/SecurityNotice","reference_id":"","reference_type":"","scores":[],"url":"http://support.ntp.org/bin/view/Main/SecurityNotice"},{"reference_url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8","reference_id":"","reference_type":"","scores":[],"url":"https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8"},{"reference_url":"http://www.kb.cert.org/vuls/id/852879","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/852879"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:003"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.securityfocus.com/bid/71762","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/71762"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176035","reference_id":"1176035","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1176035"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576","reference_id":"773576","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773576"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9294","reference_id":"CVE-2014-9294","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9294"},{"reference_url":"https://security.gentoo.org/glsa/201412-34","reference_id":"GLSA-201412-34","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-34"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2024","reference_id":"RHSA-2014:2024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:2025","reference_id":"RHSA-2014:2025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:2025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0104","reference_id":"RHSA-2015:0104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0104"},{"reference_url":"https://usn.ubuntu.com/2449-1/","reference_id":"USN-2449-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2449-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9294"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rx8v-vhpd-ykg2"}],"fixing_vulnerabilities":[],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ntp@4.2.6p5-2%3Farch=el6_5"}