Lucene search
K

11 matches found

Vulnrichment
Vulnrichment
added 2026/06/14 5:26 p.m.7 views

CVE-2026-54412

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...

8.8CVSS5.5AI score0.00407EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/14 12:0 a.m.18 views

PT-2026-49135

Name of the Vulnerable Software and Affected Versions LiamBindle MQTT-C versions prior to 1.1.7 Description A heap-based out-of-bounds read and integer underflow exist in the mqtt unpack publish response function within src/mqtt.c. A remote unauthenticated attacker who controls an MQTT broker or...

8.8CVSS5.5AI score0.00407EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/07/17 12:50 a.m.9 views

CVE-2024-42650

NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pubhandler.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted PUBLISH message...

7.5CVSS7.3AI score0.00546EPSS
Exploits1References1
OSV
OSV
added 2024/11/08 3:7 p.m.4 views

OESA-2024-2344 mosquitto security update

Mosquitto is an open source message broker that implements the MQ Telemetry Transport protocol version 3.1 and 3.1.1 MQTT provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for "machine to machine" messaging such as with low power senso...

9.8CVSS6.8AI score0.579EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2024/10/31 4:6 a.m.3 views

SUSE CVE-2024-3935

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6.5CVSS7AI score0.00761EPSS
Exploits1References4
OSV
OSV
added 2024/10/30 12:15 p.m.2 views

DEBIAN-CVE-2024-3935

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6.5CVSS5.4AI score0.00761EPSS
Exploits1References1
OSV
OSV
added 2024/10/30 12:15 p.m.13 views

CVE-2024-3935

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6.5CVSS6.8AI score
Exploits0References4
OSV
OSV
added 2024/10/30 12:15 p.m.3 views

UBUNTU-CVE-2024-3935

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6.5CVSS5.8AI score0.00761EPSS
Exploits1References6
CVE
CVE
added 2024/10/30 11:45 a.m.82 views

CVE-2024-3935

CVE-2024-3935 affects Eclipse Mosquitto: 2.0.0–2.0.18 expose a double-free crash when a broker with an outgoing bridge uses topic remapping and receives a crafted PUBLISH from a remote connection. Connected advisories confirm the issue across multiple distributions and show remediation through up...

6.5CVSS7.4AI score0.00761EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/30 11:45 a.m.15 views

CVE-2024-3935 Eclipse Mosquito: Double free vulnerability

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6CVSS7AI score0.00761EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/30 11:45 a.m.22 views

CVE-2024-3935 Eclipse Mosquito: Double free vulnerability

In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the...

6CVSS0.00761EPSS
Exploits1References3
Rows per page
Query Builder