These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2016-9053 describes a critical memory-safety issue in Aerospike Database Server 3.10.0.3. A specially crafted network packet can trigger out-of-bounds indexing in the RW fabric message particle type, causing the server to fetch a function table outside an array boundary. NVD rates the issue CVSS 3.1 9.8, reflecting the potential for unauthenticated remote code execution over the network.
CVE-2016-9051 describes a critical out-of-bounds write in Aerospike Database Server 3.10.0.3 during batch transaction field parsing. Per the CVE description and NVD metadata, a specially crafted network packet can trigger memory corruption without authentication, creating a credible risk of remote code execution. The affected CPE in NVD is Aerospike Database Server 3.10.0.3.
CVE-2016-9049 describes a high-severity denial-of-service issue in Aerospike Database Server 3.10.0.3. According to the NVD record, an attacker can trigger a null pointer dereference in the fabric-worker component by connecting to a TCP port and sending a specially crafted packet, which can crash the server process and disrupt availability.
CVE-2016-9054 is a critical network-reachable memory corruption flaw in Aerospike Database Server 3.10.0.3. According to the NVD record and the CVE description, a specially crafted packet can trigger a stack-based buffer overflow in the querying path, with potential remote code execution. Because the issue can be triggered by simply connecting to the service port, defenders should treat exposed Aerospike [truncated]
CVE-2016-9052 is a critical, network-exploitable memory-corruption issue in Aerospike Database Server 3.10.0.3. According to NVD, a specially crafted packet can trigger a stack-based buffer overflow in the querying path, with remote code execution as the reported impact. The issue is associated with CWE-787 and carries a CVSS 3.1 vector of AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating a high-risk exposu [truncated]
CVE-2016-9050 affects Aerospike Database Server 3.10.0.3. According to the NVD record, a specially crafted network packet can trigger an out-of-bounds read in client message parsing, which may disclose memory from the process and can also cause a denial of service. The issue is network reachable and does not require privileges or user interaction.