Design/Logic Flaw

A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...

Vulnerabilities fixed in IBM MQ for HPE NonStop Server

Vulnerabilities have been fixed in IBM MQ used in the HPE NonStop Server. The vulnerabilities allow a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service DoS. Access to system data Increased user privileges IBM has released updates to f...

IBM MQ for HP NonStop 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product focuses on providing a reliable and validated messaging backbone for Service Oriented Architecture SOA. A security vulnerability exists in IBM MQ for HP NonStop that stems from vulnerability to an elevation of privile...

What is AMQP Protocol ❓ All you need to know

The cost-free and fast operations of the open-source tool have made them a preferred choice over their closed-source peers. Without putting any hard and fast restrictions on the users, open-source applications have become a norm these days. AMQP Standard is a commonly used messaging protocol used...

IBM MQ 安全漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A security vulnerability exists in IBM MQ that stems from a network system or product that does not properly use...

DEBIAN-CVE-2021-22945

When sending data to an MQTT server, libcurl = 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it again...

OESA-2021-1328 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

UBUNTU-CVE-2021-22116

RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugi...

UBUNTU-CVE-2021-33574

The mqnotify function in the GNU C Library aka glibc versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object passed through its struct sigevent parameter after it has been freed by the caller, leading to a denial of service application crash or possibly...

PT-2024-11148 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition in the Linux kernel's ipc/mqueue, msg, and sem components can cause a crash when a do mq timedreceive call returns and leaves do mq timedsend to rely on an invalid...

PT-2021-5558 · Gnu +7 · Glibc +7

Name of the Vulnerable Software and Affected Versions: glibc versions 2.32 and 2.33 Description: The issue is related to the mq notify function in the GNU C Library, which has a use-after-free problem. This occurs when the function uses the notification thread attributes object, passed through it...

CVE-2021-0229

An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport MQTT server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service DoS by sending a stream of specific packets. A Juniper Extension Toolkit JET...

redhat AMQ 日志信息泄露漏洞

AMQ is a messaging middleware from Redhat that enables high-performance, secure, and reliable transfer of information between different services. A security vulnerability exists in redhat AMQ that arises from the disclosure of JDBC usernames and passwords in application logs...

CVE-2020-4931

IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747...

IBM MQ Appliance 安全漏洞

The IBM MQ Appliance is an all-in-one appliance for rapid deployment of enterprise-class messaging middleware from IBM USA. A security vulnerability exists in the IBM MQ Appliance, which can be exploited by an attacker to trigger a denial of service by triggering a fatal error through the AMQP...

CVE-2020-4931

IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747...

CVE-2021-25274

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ Microsoft Message Queue and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon...

CVE-2021-25274

The Collector Service in SolarWinds Orion Platform before 2020.2.4 uses MSMQ Microsoft Message Queue and doesn't set permissions on its private queues. As a result, remote unauthenticated clients can send messages to TCP port 1801 that the Collector Service will process. Additionally, upon...

IBM MQ 代码问题漏洞

IBM MQ IBM WebSphere MQ is a messaging middleware product from IBM. The product is mainly for the service-oriented architecture SOA to provide a reliable and proven messaging backbone. A remote code execution vulnerability exists in IBM MQ 7.5, 8.0, 9.0, 9.1, 9.2 LTS, and 9.2 CD, which is caused ...

IBM MQ Internet Pass-Thru Denial of Service Vulnerability

IBM MQ Internet Pass-Thru is an American IBM product used to support the realization of messaging between remote sites on the Internet. The product is an extended functionality component of IBM MQ that acts as a protocol channel or proxy for establishing protocols during interactions, making it...