29 matches found
CVE-2026-8668
A static credential embedded in Chef 360 prior to v1.7.0 permitted unauthenticated access to internal message queues. Queue messages contained tenant-specific identifiers. The credential has been rotated and replaced with per-tenant access in subsequent versions, eliminating this access method...
Linux Distros Unpatched Vulnerability : CVE-2022-50748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipc: mqueue: fix possible memory leak in initmqueuefs commit db7cfc380900 ipc: Free mqsysctls if ipc namespace creation failed Here's a similar memory leak to t...
EUVD-2011-2898
Malware in sbrugna...
The vulnerability of Windows operating systems’ message queues allows a perpetrator to execute arbitrary code.
The vulnerability of Windows operating systems’ message queues is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
SUSE CVE-2021-47069
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...
DEBIAN-CVE-2021-47069
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry domqtimedreceive calls wqsleep with a stack local address. The sender domqtimedsend uses this address to later call pipelinedsend. This leads to a very hard...
The vulnerability of Windows operating systems’ message queues allows attackers to gain unauthorized access to protected information.
The vulnerability of Message Queuing in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...
The vulnerability of Windows operating systems’ message queues allows attackers to gain unauthorized access to protected information.
The vulnerability of Message Queuing in Windows operating systems is related to insufficient protection of operational data. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...
The vulnerability of Windows operating systems’ message queues allows attackers to induce service failures.
The vulnerability of Windows operating systems’ message queues is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
The vulnerability of Windows operating systems’ message queues allows a perpetrator to execute arbitrary code.
The vulnerability of Windows operating systems’ message queues is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Windows operating systems’ message queues allows a perpetrator to execute arbitrary code.
The vulnerability of Windows operating systems’ message queues is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of Windows operating systems’ message queues allows attackers to induce service failures.
The vulnerability of Windows operating systems’ message queues is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
[SECURITY] Fedora 37 Update: syslog-ng-3.37.1-2.fc37
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...
[SECURITY] Fedora 36 Update: syslog-ng-3.35.1-4.fc36
syslog-ng is an enhanced log daemon, supporting a wide range of input and output methods: syslog, unstructured text, message queues, databases SQL and NoSQL alike and more. Key features: receive and send RFC3164 and RFC5424 style syslog messages work with any kind of unstructured data receive and...
SiPass Integrated Access Control Vulnerability
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, an affected application does not adequately restrict access to the internal message broker system. An attacker could exploit the vulnerability to subscribe to arbitrary message queues...
CVE-2021-44522
A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...
Siemens SiPass Integrated和Siveillance Identity 安全漏洞
SiPass integrated is an access control system. With the SiPass integrated access control vulnerability, an affected application does not adequately restrict access to the internal message broker system. An attacker could exploit the vulnerability to subscribe to arbitrary message queues...
PT-2021-3819 · Gnu +1 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc versions through 2.34 Description: The issue is related to the mishandling of certain NOTIFY REMOVED data in the sysdeps/unix/sysv/linux/mq notify.c component of the GNU C Library glibc, leading to a NULL pointer dereference. This can b...
[SECURITY] Fedora 33 Update: zeromq-4.3.4-1.fc33
The 0MQ lightweight messaging kernel is a library which extends the standard socket interfaces with features traditionally provided by specialized messaging middle-ware products. 0MQ sockets provide an abstraction of asynchronous message queues, multiple messaging patterns, message filtering...
Fedora: Security Advisory for zeromq (FEDORA-2021-8b3202b783)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...