1038 matches found
IBM MQ Appliance 加密问题漏洞
IBM MQ Appliance is an IBM software that is pre-installed on specialized, secure hardware. Versions of IBM MQ Appliance 9.4 CD 9.4.4.1 and earlier have a security vulnerability due to the use of encryption algorithms that are weaker than expected. This vulnerability may allow attackers to decrypt...
IoT-MQTT-Lab
No d...
curl: MQTT Protocol Packet Injection via Unchecked CONNACK Remaining Length
I'm not sure if this is a vulnerability or intended behavior, but I noticed that curl MQTT implementation accepts CONNACK packets with Remaining Length values greater than 2, which appears to violate the MQTT v3.1.1 specification. According to the MQTT spec, CONNACK packets should have a Remainin...
OPENSUSE-SU-2026:20082-1 Security update for rabbitmq-server
This update for rabbitmq-server fixes the following issues: Changes in rabbitmq-server: Update to 4.1.5: Highlights - Khepri, an alternative schema data store developed to replace Mnesia, has matured and is now fully supported it previously was an experimental feature - AMQP 1.0 is now a core...
CVE-2026-22535
CVE-2026-22535 concerns an attacker with network access and valid credentials who can write to the server topics that control MQTT communications due to unencrypted MQTT protocol. The issue is described across multiple feeds (Red Hat, NVD, CIRCL, CVE lists, EUVD/ENISA, CNNVD, etc.) as a vulnerabi...
December 18, 2025—KB5074979 (Monthly Rollup) Out-of-band
December 18, 2025—KB5074979 Monthly Rollup Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices fo...
December 18, 2025—KB5074977 (Monthly Rollup) Out-of-band
December 18, 2025—KB5074977 Monthly Rollup Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices fo...
Man-In-The-Middle (MITM) Attack
MQTT is vulnerable to a Man-in-the-Middle MITM attack. The vulnerability is due to missing hostname verification by default, which allows an attacker to intercept and manipulate communication between clients and servers...
CVE-2025-62455
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
CVE-2025-62455
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
CVE-2025-62455
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
EUVD-2025-202231
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
CVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
...
CVE-2025-62455
CVE-2025-62455 relates to an Elevation of Privilege in Windows Message Queuing (MSMQ). The initial description cites improper input validation in MSMQ that could allow an authorized local attacker to elevate privileges. Connected documents corroborate MSMQ as the affected component and reference ...
CVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
...
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally...
PT-2025-50157
Name of the Vulnerable Software and Affected Versions Windows Message Queuing affected versions not specified Description A flaw in input validation within Windows Message Queuing can allow a local attacker to gain higher privileges on a system. This issue enables an authorized attacker to elevat...
KLA90812 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote cod...
KLA90811 Multiple vulnerabilities in Microsoft Product (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, spoof user interface, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a...
Microsoft Message Queuing 输入验证错误漏洞
Microsoft Message Queuing is a Microsoft Corporation USA solution for implementing asynchronous and synchronous scenarios that require high performance. An input validation error vulnerability exists in Microsoft Message Queuing. An attacker could exploit the vulnerability to elevate privileges...