EUVD-2017-16659

Malware in sbrugna...

EUVD-2023-44242

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-7654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT...

mosquitto: sending specific sequences of packets may trigger memory leak

A flaw was found in Eclipse Mosquitto. A remote attacker may be able to trigger memory leakage, segmentation fault, or a heap-use-after-free condition by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE", and "PUBLISH" packets...

OESA-2024-1026 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

OESA-2023-1772 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

OESA-2023-1717 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

OESA-2023-1718 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

OESA-2023-1716 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

DEBIAN-CVE-2023-3592

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

Memory corruption

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types...

DEBIAN-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

ALPINE-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

UBUNTU-CVE-2023-0809

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets...

CVE-2023-3592

Eclipse Mosquitto CVE-2023-3592 affects Mosquitto prior to 2.0.16, where a memory leak occurs when clients send v5 CONNECT packets with a will message containing invalid property types. This memory leak can lead to broker unresponsiveness/DoS. Remediation from related advisories indicates upgradi...

DEBIAN-CVE-2017-7654

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker...

UBUNTU-CVE-2017-7654

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker...

CVE-2017-7654

In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker...

Denial Of Service (DoS) Through Memory Exhaustion

Mosquitto is vulnerable to denial of service DoS attacks. The vulnerability can be performed by unauthenticated clients and is caused when the brokers are unable to control limit memory usage when handling CONNECT packets. This allows multiple clients to cause a DoS through Memory Exhaustion...