4 matches found
EUVD-2024-42180
Malicious code in bioql PyPI...
CVE-2024-46874 Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...
CVE-2024-46874 Ruijie Reyee OS Improper Handling of Insufficient Permissions or Privileges
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could allow MQTT clients connecting with device credentials to send messages to some topics. Attackers with device credentials could issue commands to other devices on behalf of Ruijie's cloud...
MGASA-2019-0345 Updated mosquitto packages fix security vulnerability
Updated mosquitto packages fix security vulnerability: A vulnerability was discovered in mosquitto, allowing a malicious MQTT client to cause a denial of service stack overflow and daemon crash, by sending a specially crafted SUBSCRIBE packet containing a topic with a extremely deep hierarchy...