
20 matches found

OpenVAS
added 2025/05/26 12:0 a.m. | 4 views

Fedora: Security Advisory (FEDORA-2025-f1ea97edd8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.1 AI score | 0.01107 EPSS
Exploits: 0 | References: 2
OpenVAS
added 2025/03/20 12:0 a.m. | 9 views

Mageia: Security Advisory (MGASA-2025-0106)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 7.1 AI score | 0.01107 EPSS
Exploits: 0 | References: 3
Rosalinux
added 2025/01/28 6:35 p.m. | 21 views

Advisory ROSA-SA-2025-2633

software: mosquitto 2.0.15 WASP: ROSA-CHROME packageevrstring: mosquitto-2.0.15 CVE-ID: CVE-2023-0809 BDU-ID: 2024-04210 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the CONNECT component of the Eclipse Mosquitto message broker is related to memory allocation based on an unreliable value of lar...

7.5 CVSS | 7.4 AI score | 0.01107 EPSS
Exploits: 0
Tenable Nessus
added 2024/04/28 12:0 a.m. | 39 views

RHEL 8 : Red Hat Satellite 6 (RHSA-2024:1061)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1061 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

7.5 CVSS | 6.3 AI score | 0.01107 EPSS
Exploits: 0 | References: 22
Tenable Nessus
added 2024/04/28 12:0 a.m. | 42 views

RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

9.8 CVSS | 7.7 AI score | 0.78483 EPSS
Exploits: 8 | References: 35
RedHat Linux
added 2024/02/29 8:37 p.m. | 62 views

Moderate: Red Hat Security Advisory: Red Hat Satellite 6 security and bug fix update

An update is now available for Red Hat Satellite 6.13 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.5 CVSS | 6.6 AI score | 0.01107 EPSS
Exploits: 0 | References: 15
RedHat Linux
added 2024/02/13 2:45 p.m. | 59 views

Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update

Updated Satellite 6.14 packages that fix Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

9.8 CVSS | 7.2 AI score | 0.78483 EPSS
Exploits: 8 | References: 24
Tenable Nessus
added 2024/01/09 12:0 a.m. | 42 views

GLSA-202401-09 : Eclipse Mosquitto: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202401-09 Eclipse Mosquitto: Multiple Vulnerabilities - In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets. CVE-2023-0809 - In Mosquitto before 2.0.16, a memor...

7.5 CVSS | 6.5 AI score | 0.01107 EPSS
Exploits: 0 | References: 5
OpenVAS
added 2023/11/22 12:0 a.m. | 28 views

Ubuntu: Security Advisory (USN-6492-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.5 AI score | 0.01367 EPSS
Exploits: 2 | References: 2
Tenable Nessus
added 2023/10/02 12:0 a.m. | 37 views

Debian DSA-5511-1 : mosquitto - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5511 advisory. Several security vulnerabilities have been discovered in mosquitto, a MQTT compatible message broker, which may be abused for a denial of service attack...

7.5 CVSS | 6.5 AI score | 0.01367 EPSS
Exploits: 2 | References: 15
Debian
added 2023/10/01 7:39 p.m. | 73 views

[SECURITY] [DSA 5511-1] mosquitto security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5511-1 [email protected] https://www.debian.org/security/ Markus Koschany October 01, 2023 https://www.debian.org/security/faq -...

7.5 CVSS | 7.1 AI score | 0.01367 EPSS
Exploits: 2
OSV
added 2023/09/15 11:5 a.m. | 4 views

OESA-2023-1658 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1. MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

7.5 CVSS | 6.7 AI score | 0.01107 EPSS
Exploits: 0 | References: 2
RedhatCVE
added 2023/09/05 3:13 p.m. | 21 views

CVE-2023-28366

A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service conditi...

7.5 CVSS | 7.2 AI score | 0.01107 EPSS
Exploits: 0 | References: 4
Circl
added 2023/09/01 8:15 p.m. | 8 views

CVE-2023-28366

creationtimestamp | type | source
---|---|---
2023-09-01 20:15:10+00:00 | seen | https://t.me/cibsecurity/69660...

7.5 CVSS | 7.2 AI score | 0.01107 EPSS
Exploits: 0 | References: 1
NVD
added 2023/09/01 4:15 p.m. | 26 views

CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

7.5 CVSS | 7.4 AI score | 0.01107 EPSS
Exploits: 0 | References: 7
Cvelist
added 2023/09/01 12:0 a.m. | 44 views

CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

7.5 AI score | 0.01107 EPSS
Exploits: 0 | References: 7
Tenable Nessus
added 2023/09/01 12:0 a.m. | 33 views

Fedora 38 : libwebsockets / mosquitto (2023-6a87c003c4)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-6a87c003c4 advisory. 2.0.17 Broker: Fix maxqueuedmessages 0 stopping clients from receiving messages Fix maxinflightmessages not being set correctly. Apps: Fix...

7.5 CVSS | 6.7 AI score | 0.01107 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2023/09/01 12:0 a.m. | 2 views

CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

7 AI score | 0.01107 EPSS
Exploits: 0 | References: 7
AlpineLinux
added 2023/09/01 12:0 a.m. | 23 views

CVE-2023-28366

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function...

7.5 CVSS | 6.9 AI score | 0.01107 EPSS
Exploits: 0
OSV
added 2023/08/31 12:14 p.m. | 0 views

BELL-CVE-2023-28366 CVE-2023-28366 does not affect BellSoft software

Bulletin has no description...

7.5 CVSS | 5.8 AI score | 0.01107 EPSS
Exploits: 0 | References: 1