Lucene search
K

1040 matches found

Microsoft CVE
Microsoft CVE
added 2026/05/12 2:0 p.m.11 views

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network...

8.8CVSS6.1AI score0.00461EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

Microsoft Message Queuing 资源管理错误漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There is a resource management vulnerability in Microsoft Message Queuing. The following products and versions are affected: Windows 11 Version 24H2 for...

7.8CVSS7.1AI score0.00398EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.59 views

KB5087470: Windows Server 2012 Security Update (May 2026)

The remote Windows host is missing security update 5087470. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

9.8CVSS7.2AI score0.72253EPSS
Exploits31References40
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.39 views

KB5087471: Windows Server 2012 R2 Security Update (May 2026)

The remote Windows host is missing security update 5087471. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

9.8CVSS7.3AI score0.72253EPSS
Exploits31References43
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.18 views

PT-2026-40145

Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A double free issue in Windows Message Queuing allows an authorized attacker to elevate privileges locally. A double free occurs when a program attempts to free the same memor...

7.8CVSS7.1AI score0.00398EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40149

Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker located on an adjacent network to execute arbitrary code. A heap-based buffer overflow...

8.8CVSS6.3AI score0.00461EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

Microsoft Message Queuing 安全漏洞

Microsoft Message Queuing is a solution developed by Microsoft for implementing high-performance asynchronous and synchronous scenarios. There are security vulnerabilities associated with Microsoft Message Queuing. The following products and versions are affected: Windows 10 Version 1809 for 32-b...

8.8CVSS5.8AI score0.00461EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.110 views

KB5087538: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2026)

The remote Windows host is missing security update 5087538. It is, therefore, affected by multiple vulnerabilities - Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVE-2026-41089 - Heap-based buffer overflow in Windows Win32K - GRFX...

9.8CVSS6.8AI score0.72253EPSS
Exploits31References56
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.14 views

KB5087544: Windows 10 version 21H2 / Windows 10 Version 22H2 Security Update (May 2026)

The remote Windows host is missing security update 5087544. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. CVE-2026-34329 - Heap-based buffer overflow in Windo...

8.8CVSS7AI score0.02419EPSS
Exploits0References55
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.37 views

KB5089548: Windows 11 Version 26H1 Security Update (May 2026)

The remote Windows host is missing security update 5089548. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow in Windows Win32K -...

9.8CVSS7.2AI score0.04725EPSS
Exploits8References61
Tenable Nessus
Tenable Nessus
added 2026/05/12 12:0 a.m.30 views

KB5089549: Windows 11 Version 24H2 / Windows 11 Version 25H2 Security Update (May 2026)

The remote Windows host is missing security update 5089549 or hotpatch 5089466. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVE-2026-41096 - Heap-based buffer overflow ...

9.8CVSS6.9AI score0.04725EPSS
Exploits8References61
Snyk
Snyk
added 2026/05/07 5:14 a.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of size limits applied to the Properties section during the decoding process. An attacker can cause excessive CPU and memory consumption by sending MQTT messages with...

7.5CVSS5.8AI score0.00455EPSS
Exploits0References2
NVD
NVD
added 2026/04/17 8:16 p.m.11 views

CVE-2026-32324

Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels at scale...

7.7CVSS0.00087EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.7 views

PT-2026-33489

CVE-2026-32324 Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction wi… https://t.co/229Go9uB4w...

7.7CVSS5.8AI score0.00087EPSS
Exploits0References5
OSV
OSV
added 2026/03/26 8:33 p.m.4 views

GO-2026-4833 NATS is vulnerable to MQTT hijacking via Client ID in github.com/nats-io/nats-server

NATS is vulnerable to MQTT hijacking via Client ID in github.com/nats-io/nats-server...

6.5CVSS5.9AI score0.0024EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.8 views

Nats-Server 安全漏洞

Nats-Server is a high-performance server developed by Nats Open Source, used for native message delivery systems on Nats.io, cloud, and edge environments. There were security vulnerabilities in versions of Nats-Server before 2.11.15 and 2.12.6. These vulnerabilities stemmed from the lack of ACL...

7.1CVSS6.4AI score0.00259EPSS
Exploits0References3
Snyk
Snyk
added 2026/03/24 9:42 p.m.5 views

Credential Exposure

Overview github.com/nats-io/nats-server/v2/server is an A simple, secure and performant communications system for digital systems, services and devices. Affected versions of this package are vulnerable to Credential Exposure through the MQTT authentication processing in...

9.2CVSS5.9AI score0.00365EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/24 8:55 p.m.4 views

CVE-2026-33215

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via MQTT Client ID malfeasance. Versions 2.11.15 and 2.12.5 patch the issu...

6.5CVSS5.8AI score0.0024EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/03/04 9:31 a.m.3 views

EUVD-2025-208266

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

5.4CVSS6AI score0.0078EPSS
Exploits0References3
OSV
OSV
added 2026/03/04 9:31 a.m.6 views

GHSA-C825-6PH3-4H84 Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound

Apache ActiveMQ does not properly validate the remaining length field which may lead to an overflow during the decoding of malformed packets. When this integer overflow occurs, ActiveMQ may incorrectly compute the total Remaining Length and subsequently misinterpret the payload as multiple MQTT...

5.4CVSS5.9AI score0.0078EPSS
Exploits0References6
Rows per page
Query Builder