PT-2024-9439 · Microsoft · Message Queue +1

Name of the Vulnerable Software and Affected Versions: Microsoft Message Queue MSMQ affected versions not specified Description: The issue is related to a remote code execution problem. It is associated with the use of memory after it has been freed. This could allow a remote attacker to execute...

Ruijie Networks ReyeeOS 安全漏洞

Ruijie Networks ReyeeOS is a router from Ruijie Networks China. A security vulnerability exists in Ruijie Networks ReyeeOS versions 2.206.x through 2.320.x prior. An attacker could use this vulnerability to send messages to certain topics using an MQTT client connected with device credentials...

kernel: Kernel: Denial of Service via memory leak in mqueue component

A flaw was found in the Linux kernel's mqueue message queue component. A local attacker with low privileges could exploit a memory leak in the initmqueuefs function. This vulnerability occurs when retiremqsysctls is not called after setupmqsysctls fails, leading to resource exhaustion. This could...

PT-2024-35621

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak issue has been resolved in the Linux kernel. The problem occurs when percpu memory allocation fails during the creation of a new IPC namespace, and the failure is not handl...

PT-2025-8841

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been identified, specifically in the nvkm/gsp component. The issue arises from the incorrect advancement of the read pointer of the GSP message...

CVE-2024-47078 Meshtastic firmware Authentication/Authorization Bypass via MQTT

Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly via an internet connection or proxied through a connected phone i.e., via bluetooth. Prior to...

drm/amdgpu: fix deadlock while reading mqd from debugfs

...

Palo Alto Networks Cortex Xsoar 安全漏洞

Palo Alto Networks Cortex Xsoar is a Security Orchestration Automation and Response Soar platform from Palo Alto Networks, USA. A security vulnerability exists in Palo Alto Networks Cortex Xsoar that stems from an ActiveMQ integration issue that could result in configured ActiveMQ credentials bei...

PT-2024-28983 · Ibm · Ibm Mq +1

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.1 LTS through 9.4 CD IBM MQ Operator versions 2.0.26 through 3.2.4 Description: The issue allows an authenticated user in a specifically defined role to bypass security restrictions and execute actions against the queue...

IBM MQ 安全漏洞

IBM MQ Operator is a tool from International Business Machines IBM for managing the lifecycle of IBM MQ Queue Manager. A denial of service vulnerability exists in IBM MQ Operator versions 2.0.26 and 3.2.4, which stems from improper memory allocation and can be exploited by an attacker to cause a...

kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer kernel error KE in the ufshcdmcqreqtohwq call when ufshcdclearcmd is competing with the...

CVE-2024-31327

In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2024-23973 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: In multiple functions of MessageQueueBase.h, there is a possible out of bounds write due to a race condition. This could lead to local escalation of...

CVE-2024-39742

IBM MQ Operator 3.2.2 and IBM MQ Operator 2.0.24 could allow a user to bypass authentication under certain configurations due to a partial string comparison vulnerability. IBM X-Force ID: 297169...

IBM MQ Operator Security Vulnerability

IBM MQ Operator is a tool from International Business Machines IBM for managing the lifecycle of IBM MQ Queue Manager. A security vulnerability exists in IBM MQ Operator version 3.2.2, version 2.0.24, which originates from allowing users to cause a denial of service due to a partial string...

IBM MQ Operator Security Vulnerability

IBM MQ Operator is a tool from International Business Machines IBM for managing the lifecycle of IBM MQ Queue Manager. A security vulnerability exists in IBM MQ Operator version 3.2.2, version 2.0.24, which stems from a vulnerability that allows a user to bypass authentication under certain...

kernel: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry

A flaw was found in the Linux kernel’s IPC system. This flaw allows an attacker to use a specially crafted program to cause a rare race condition, leading to a denial of service...

CVE-2024-31912

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894...

PT-2024-26343 · Ibm · Ibm Mq

Name of the Vulnerable Software and Affected Versions: IBM MQ versions 9.3 LTS and 9.3 CD Description: A remote attacker could obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...