Lucene search
+L

11 matches found

cnnvd
cnnvd
added 2025/11/29 12:0 a.m.9 views

AIS-catcher 数字错误漏洞

AIS-catcher is an AIS receiver from Jasper Personal Developers. A numeric error vulnerability exists in AIS-catcher versions prior to 0.64, which stems from an integer overflow in the MQTT parsing logic that could lead to a denial of service and memory corruption...

8.8CVSS6.7AI score0.00634EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2025/11/29 12:0 a.m.10 views

PT-2025-48360

Name of the Vulnerable Software and Affected Versions AIS-catcher versions prior to 0.64 Description AIS-catcher, a multi-platform AIS receiver, contains a flaw in its MQTT parsing logic. An integer underflow can be triggered by sending a crafted MQTT packet with a modified Topic Length field. Th...

8.8CVSS7.1AI score0.00634EPSS
Exploits1References7
osv
osv
added 2025/01/24 11:15 p.m.3 views

CVE-2024-50695

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...

9.8CVSS6.2AI score0.00552EPSS
Exploits0References1
osv
osv
added 2023/05/09 1:15 p.m.3 views

CVE-2023-29105

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1, SIMATIC Cloud Connect 7 CC716 All versions V2.1. The affected device is vulnerable to a denial of service while parsing a random non-JSON MQTT payload. This could allow an attacker who can...

7.5CVSS7AI score0.00551EPSS
Exploits0References1
osv
osv
added 2020/06/05 6:15 p.m.6 views

CVE-2020-10071

The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...

9.8CVSS6.4AI score0.03395EPSS
Exploits0References4
cvelist
cvelist
added 2020/06/05 5:37 p.m.25 views

CVE-2020-10071 Insufficient publish message length validation in MQTT

The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...

9CVSS10AI score0.03395EPSS
Exploits0References4
prion
prion
added 2017/11/07 4:29 p.m.17 views

Stack overflow

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

7.5CVSS9.7AI score0.31045EPSS
Exploits2References1Affected Software1
osv
osv
added 2017/11/07 4:29 p.m.5 views

DEBIAN-CVE-2017-2892

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code...

9.8CVSS8.1AI score0.02395EPSS
Exploits1References1
osv
osv
added 2017/11/07 4:29 p.m.20 views

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS7.9AI score
Exploits0References1
ubuntucve
ubuntucve
added 2017/11/07 4:29 p.m.25 views

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS7.4AI score0.31045EPSS
Exploits2References2
osv
osv
added 2017/11/07 4:29 p.m.6 views

DEBIAN-CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS6.7AI score0.01311EPSS
Exploits1References1
Rows per page
Query Builder