Lucene search
+L

359 matches found

Cvelist
Cvelist
added 2024/02/15 12:35 p.m.18 views

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

9.1CVSS8.9AI score0.00678EPSS
Exploits0References1
CVE
CVE
added 2024/02/15 12:35 p.m.40 views

CVE-2023-28078

CVE-2023-28078 affects Dell OS10 Networking Switches versions 10.5.2.x and above . A vulnerability in the zeroMQ component when VLT is configured allows a remote unauthenticated attacker to cause information disclosure and potential Denial of Service by sending a large volume of requests. The iss...

9.1CVSS8.7AI score0.00678EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/02/08 11:6 a.m.6 views

OESA-2024-1133 zeromq security update

ZeroMQ also spelled ØMQ, 0MQ or ZMQ is a high-performance asynchronous messaging library, aimed at use in distributed or concurrent applications. It provides a message queue, but unlike message-oriented middleware, a ZeroMQ system can run without a dedicated message broker. The library's API is...

7.5CVSS6.8AI score0.03408EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/16 12:0 a.m.86 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : ZeroMQ vulnerabilities (USN-4920-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4920-1 advisory. It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause...

9.8CVSS7.8AI score0.43862EPSS
Exploits2References6
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.39 views

K72403108: tcpdump vulnerabilities CVE-2016-7926, CVE-2016-7932, and CVE-2016-7938

Security Advisory Description CVE-2016-7926 The Ethernet parser in tcpdump before 4.9.0 has a buffer overflow in print-ether.c:ethertypeprint. CVE-2016-7932 The PIM parser in tcpdump before 4.9.0 has a buffer overflow in print-pim.c:pimv2checkchecksum. CVE-2016-7938 The ZeroMQ parser in tcpdump...

9.8CVSS8.6AI score0.03198EPSS
Exploits0Affected Software21
SUSE CVE
SUSE CVE
added 2023/02/15 5:26 a.m.7 views

SUSE CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

4.3CVSS6.8AI score0.02015EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2023/02/15 4:57 a.m.3 views

SUSE CVE-2016-7938

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1printframe...

9.8CVSS7.5AI score0.03083EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 3:57 a.m.4 views

SUSE CVE-2020-15166

In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able...

7.5CVSS6.8AI score0.03408EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2023/02/15 3:50 a.m.3 views

SUSE CVE-2020-36400

ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcpread, a different vulnerability than CVE-2021-20235...

9.8CVSS9.7AI score0.01842EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.4 views

SUSE CVE-2021-20234

An uncontrolled resource consumption memory leak flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to system availability...

6.5CVSS7.2AI score0.01073EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.3 views

SUSE CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

9.8CVSS7AI score0.01602EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:47 a.m.3 views

SUSE CVE-2021-20237

An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...

7.5CVSS7AI score0.01694EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2022/06/15 6:16 p.m.667 views

USN-4920-1: ZeroMQ vulnerabilities

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code. CVE-2019-13132 It was discovered that ZeroMQ mishandled certain network traffic. An unauthenticated attacker could u...

9.8CVSS7.7AI score0.43862EPSS
Exploits2
OSV
OSV
added 2022/06/15 6:16 p.m.4 views

USN-4920-1 zeromq3 vulnerabilities

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code. CVE-2019-13132 It was discovered that ZeroMQ mishandled certain network traffic. An unauthenticated attacker could u...

9.8CVSS7.2AI score0.43862EPSS
Exploits2References6
Kitploit
Kitploit
added 2022/02/05 8:30 p.m.45 views

SentryPeer - A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot

A distributed list of bad actor IP addresses and phone numbers collected via a SIP Honeypot. Introduction This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to bloc...

7.1AI score
Exploits0References13
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.4 views

Mageia: Security Advisory (MGASA-2021-0159)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2020-0367)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.03408EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2019-0054)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS8.8AI score0.09444EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2019-0323)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.42464EPSS
Exploits1References6
CheckPoint Security
CheckPoint Security
added 2021/11/04 12:0 a.m.189 views

Check Point Response to CVE-2021-36299, CVE-2021-36300, CVE-2021-36301, CVE-2021-20235 - Dell iDRAC9 Vulnerabilities

Cause CVE-2021-36299 - An SQL injection vulnerability. A remote authenticated malicious user with low privileges may potentially exploit this vulnerability to cause information disclosure or denial of service by supplying specially crafted input data to the affected application. CVE-2021-36300 -...

8.2CVSS8.1AI score0.43862EPSS
Exploits0
Rows per page
Query Builder