CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2026/01/07 9:27 a.m.•6 views

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS6.8AI score0.0071EPSS

Exploits0References1

Github Security Blog•added 2022/05/24 4:46 p.m.•22 views

Hybrid Group Gobot Improper Certificate Validation vulnerability

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default. Specific Go Packages Affected github.com/hybridgroup/gobot/platforms/mqtt...

7.5CVSS7.3AI score0.0071EPSS

Exploits0References6Affected Software1

OSV•added 2022/05/24 4:46 p.m.•16 views

GHSA-VFXC-R2GX-V2VQ Hybrid Group Gobot Improper Certificate Validation vulnerability

7.5CVSS7.4AI score0.0071EPSS

Exploits0References6

OSV•added 2021/04/14 8:4 p.m.•14 views

GO-2021-0083 Improper certificate validation in github.com/hybridgroup/gobot

TLS certificate verification is skipped when connecting to a MQTT server. This allows an attacker who can MITM the connection to read, or forge, messages passed between the client and server...

7.5CVSS7.3AI score0.0071EPSS

Exploits0References2

NVD•added 2019/05/31 11:29 a.m.•11 views

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS7.5AI score0.0071EPSS

Exploits0References2

OSV•added 2019/05/31 11:29 a.m.•12 views

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS6.8AI score

Exploits0References2

Prion•added 2019/05/31 11:29 a.m.•10 views

Default credentials

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

5CVSS7.5AI score0.0071EPSS

Exploits0References2Affected Software1

CVE•added 2019/05/31 10:59 a.m.•114 views

CVE-2019-12496

Hybrid Group Gobot (github.com/hybridgroup/gobot) has a vulnerability CVE-2019-12496 in versions before 1.13.0 where the mqtt subsystem skips verification of root CA certificates by default. This permits a man-in-the-middle attacker to read or forge messages between the MQTT client and server. Af...

7.5CVSS7.4AI score0.0071EPSS

Exploits0References2Affected Software1

Cvelist•added 2019/05/31 10:59 a.m.•12 views

CVE-2019-12496

An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt subsystem skips verification of root CA certificates by default...

7.5AI score0.0071EPSS

Exploits0References2

GitLab Advisory Database•added 2019/05/31 12:0 a.m.•14 views

Improper Certificate Validation

An issue was discovered in Hybrid Group Gobot. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS1.6AI score0.0071EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2019/05/31 12:0 a.m.•3 views

PT-2019-12825 · Hybrid · Gobot

Name of the Vulnerable Software and Affected Versions: Hybrid Group Gobot versions prior to 1.13.0 Description: The issue concerns the mqtt subsystem skipping verification of root CA certificates by default, allowing an attacker who can perform a man-in-the-middle MITM attack to read or forge...

7.5CVSS7.2AI score0.0071EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by