Lucene search
K

1040 matches found

Cvelist
Cvelist
added 2025/11/29 1:57 a.m.15 views

CVE-2025-66217 AIS-catcher Integer Underflow in MQTT Packet Parsing leading to Heap Buffer Overflow

AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, an integer underflow vulnerability exists in the MQTT parsing logic of AIS-catcher. This vulnerability allows an attacker to trigger a massive Heap Buffer Overflow by sending a malformed MQTT packet with a manipulated Topic Leng...

8.8CVSS0.00634EPSS
Exploits1References2
OSV
OSV
added 2025/11/06 9:31 p.m.7 views

GHSA-9C5Q-W6GR-FXCQ MQTT does not validate hostnames

A flaw was found in Rubygem MQTT. By default, the package used to not have hostname validation, resulting in possible Man-in-the-Middle MITM attack...

7.4CVSS6.6AI score0.00313EPSS
Exploits0References5
Fedora
Fedora
added 2025/10/30 4:36 a.m.9 views

[SECURITY] Fedora 42 Update: qt6-qtmqtt-6.9.3-1.fc42

MQTT is a machine-to-machine M2M protocol utilizing the publish-and-subscri be paradigm, and provides a channel with minimal communication overhead. The Qt MQTT module provides a standard compliant implementation of the MQTT protocol specification. It enables applications to act as telemetry...

9.4CVSS7AI score0.00204EPSS
Exploits0
GitLab Advisory Database
GitLab Advisory Database
added 2025/10/16 12:0 a.m.8 views

Apache ActiveMQ NMS AMQP Client has a Deserialization of Untrusted Data vulnerability

A Deserialization of Untrusted Data vulnerability exists in the Apache ActiveMQ NMS AMQP Client. This issue affects all versions of Apache ActiveMQ NMS AMQP up to and including 2.3.0, when establishing connections to untrusted AMQP servers. Malicious servers could exploit unbounded deserializatio...

9.8CVSS7.8AI score0.02016EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2025/10/09 7:2 p.m.474 views

Exploit for Improper Input Validation in Microsoft

MSMQ Vulnerability Proof of Concept This repository contains...

9.8CVSS7.1AI score0.95454EPSS
Exploits7
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-0536

Malware in sbrugna...

5CVSS6.4AI score0.03246EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-2670

Malware in sbrugna...

10CVSS6.4AI score0.07307EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2006-0537

Malware in sbrugna...

5CVSS6.4AI score0.02791EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-2668

Malware in sbrugna...

5CVSS6.4AI score0.03137EPSS
Exploits0References7
Trellix
Trellix
added 2025/10/07 12:0 a.m.21 views

The Bug Report – September 2025 Edition

The Bug Report – September 2025 Edition By Jonathan Omakun · October 7, 2025 Why am I here? Ah, September. When the leaves change colors, so do the threat landscapes! As summer fades into autumn, cybersecurity professionals are harvesting a bumper crop of vulnerabilities that would make any pumpk...

10CVSS8.9AI score0.93286EPSS
Exploits25
EUVD
EUVD
added 2025/10/06 9:30 p.m.7 views

EUVD-2025-32583

Components of the YoSmart YoLink ecosystem through 2025-10-02 leverage unencrypted MQTT to communicate over the internet. An attacker with the ability to monitor network traffic could therefore obtain sensitive information or tamper with the traffic to control affected devices. This affects YoLin...

4.7CVSS6.1AI score0.00173EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/10/06 6:50 a.m.3 views

CVE-2025-58581 Information Disclosure Through Stacktrace-/MQTT/Config/changeAll

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace lists class and method names as well as other internal information. An attacker can thus obtain information about the technology used and the structure of the application...

4.3CVSS6.3AI score0.00311EPSS
Exploits0References6
CVE
CVE
added 2025/10/06 12:0 a.m.16 views

CVE-2025-59448

CVE-2025-59448 concerns the YoSmart YoLink ecosystem, where components including the YoLink Hub 0382, YoLink Mobile Application 1.40.41, and YoLink MQTT Broker communicate over the internet using unencrypted MQTT. The vulnerability arises from insecure transmission, allowing an attacker who can m...

4.7CVSS6.3AI score0.00173EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/10/06 12:0 a.m.8 views

PT-2025-40945

Name of the Vulnerable Software and Affected Versions YoSmart YoLink ecosystem through 2025-10-02 YoLink Hub 0382 YoLink Mobile Application version 1.40.41 YoLink MQTT Broker Description Components of the YoSmart YoLink ecosystem utilize unencrypted MQTT for internet communication. This allows an...

4.7CVSS6.4AI score0.00173EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-40524

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.02395EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-19066

Malicious code in bioql PyPI...

7.8CVSS8.1AI score0.00614EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41996

Malicious code in bioql PyPI...

7.5CVSS8AI score0.01794EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-25834

Malicious code in bioql PyPI...

9.1CVSS6.6AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-2297

Malicious code in bioql PyPI...

7.5CVSS8AI score0.02589EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-24557

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00176EPSS
Exploits0References2
Rows per page
Query Builder