Lucene search
K

13 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:26 a.m.2 views

SUSE CVE-2018-12550

When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...

8.1CVSS8AI score0.01353EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2019/10/27 12:0 a.m.62 views

Debian: Security Advisory (DLA-1972-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.2AI score0.02742EPSS
Exploits1References3
Debian
Debian
added 2019/10/26 9:33 p.m.131 views

[SECURITY] [DLA 1972-1] mosquitto security update

Package : mosquitto Version : 1.3.4-2+deb8u4 CVE ID : CVE-2017-7655 CVE-2018-12550 CVE-2018-12551 CVE-2019-11779 Several issues have been found in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker. CVE-2017-7655 A Null dereference vulnerability in the Mosquitto library could lead to...

8.1CVSS7.6AI score0.02742EPSS
Exploits1
NVD
NVD
added 2019/03/27 6:29 p.m.17 views

CVE-2018-12550

When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...

8.1CVSS7.8AI score0.01353EPSS
Exploits0References2
CVE
CVE
added 2019/03/27 5:26 p.m.175 views

CVE-2018-12550

CVE-2018-12550 affects Eclipse Mosquitto 1.0–1.5.5 when an ACL file is configured but empty or only comments/blank lines, causing the broker to treat the file as defined and switch from a default deny to a default allow policy. Public disclosures in connected docs confirm the vulnerability behavi...

8.1CVSS6.9AI score0.01353EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/03/27 5:26 p.m.29 views

CVE-2018-12550

When Eclipse Mosquitto version 1.0 to 1.5.5 inclusive is configured to use an ACL file, and that ACL file is empty, or contains only comments or blank lines, then Mosquitto will treat this as though no ACL file has been defined and use a default allow policy. The new behaviour is to have an empty...

8.1CVSS8.1AI score0.01353EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/02/25 12:0 a.m.32 views

openSUSE Security Update : mosquitto (openSUSE-2019-233)

This update for mosquitto fixes the following issues : Security issues fixed : - CVE-2018-12546: Fixed an issue with revoked access to topics bsc1125019. - CVE-2018-12551: Fixed an issue which allowed malformed data in the password file to be treated as valid bsc1125020. - CVE-2018-12550: Fixed a...

8.1CVSS6.9AI score0.01475EPSS
Exploits2References6
OSV
OSV
added 2019/02/23 8:3 a.m.6 views

OPENSUSE-SU-2019:0237-1 Security update for mosquitto

This update for mosquitto fixes the following issues: Security issues fixed: - CVE-2018-12546: Fixed an issue with revoked access to topics bsc1125019. - CVE-2018-12551: Fixed an issue which allowed malformed data in the password file to be treated as valid bsc1125020. - CVE-2018-12550: Fixed an ...

8.1CVSS6.8AI score0.01475EPSS
Exploits2References7
OPENSUSE Linux
OPENSUSE Linux
added 2019/02/23 12:0 a.m.225 views

Security update for mosquitto (low)

openSUSE Security Update: Security update for mosquitto Announcement ID: openSUSE-SU-2019:0237-1 Rating: low References: 1125019 1125020 1125021 Cross-References: CVE-2018-12546 CVE-2018-12550 CVE-2018-12551 Affected Products: openSUSE Backports SLE-15 An update that fixes three vulnerabilities i...

8.1CVSS7.8AI score0.01475EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2019/02/23 12:0 a.m.24 views

openSUSE: Security Advisory for mosquitto (openSUSE-SU-2019:0233-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.3AI score0.01475EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2019/02/18 12:0 a.m.28 views

Fedora Update for mosquitto FEDORA-2019-8cbe2a05cd

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/02/11 12:0 a.m.30 views

Debian DSA-4388-1 : mosquitto - security update

Three vulnerabilities were discovered in the Mosquitto MQTT broker, which could result in authentication bypass. Please refer to https://mosquitto.org/blog/2019/02/version-1-5-6-released/ for additional information. C Tenable Network Security, Inc. The descriptive text and package checks in this...

8.1CVSS7AI score0.01475EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2019/02/09 12:0 a.m.74 views

Debian: Security Advisory (DSA-4388-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS7.3AI score0.01475EPSS
Exploits2References5
Rows per page
Query Builder