EUVD-2023-38545

Malicious code in bioql PyPI...

CVE-2024-31040

Buffer Overflow vulnerability in the getvarinteger function in mqttparser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams...

CVE-2023-34488

NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the connhandler function of mqttparser.c when it processes malformed messages...

NanoMQ 安全漏洞

NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms open-sourced by EMQ Technologies, USA. A security vulnerability exists in NanoMQ version 0.21.7, which stems from a buffer overflow vulnerability in the getvarinteger function in the file mqttparser.c. The vulnerability can be...

NanoMQ 安全漏洞

NanoMQ is a lightweight and fast MQTT Broker for IoT edge platforms open-sourced by EMQ Technologies, USA. A security vulnerability exists in NanoMQ version 0.21.7, which stems from a null pointer dereference vulnerability in the topicfiltern function in the file mqttparser.c. The vulnerability c...

PT-2024-23737 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.21.7 Description: The issue is related to a Buffer Overflow vulnerability in the get var integer function in mqtt parser.c. This allows remote attackers to cause a denial of service via a series of specially crafted hexstream...

CVE-2023-34488

NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the connhandler function of mqttparser.c when it processes malformed messages...

PT-2023-24905 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.5 Description: The issue arises from a heap-buffer-overflow in the conn handler function of mqtt parser.c when processing malformed messages. Recommendations: For NanoMQ version 0.17.5, at the moment, there is no informati...

PT-2023-24440 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.2 Description: A heap buffer overflow issue exists, which can be triggered by calling the function copyn str in the file mqtt parser.c. This can lead to a denial of service attack. Recommendations: For NanoMQ version 0.17....

EMQ Technologies NanoMQ 缓冲区错误漏洞

EMQ Technologies NanoMQ is an ultra-lightweight, fast MQTT agent for the IoT edge from EMQ Technologies, USA. A security vulnerability exists in EMQ Technologies NanoMQ version 0.17.2, which originates from a heap buffer overflow that can be triggered by calling the function nmqsubinfodecode in t...

CVE-2023-29995

In NanoMQ v0.15.0-0, a Heap overflow occurs in copynutf8str function of mqttparser.c...

PT-2023-22508 · Nanomq · Nanomq

Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.15.0-0 Description: A Heap overflow occurs in the copyn utf8 str function of mqtt parser.c. Recommendations: For NanoMQ version 0.15.0-0, consider disabling the copyn utf8 str function as a temporary workaround until a patch ...

CVE-2023-29995

In NanoMQ v0.15.0-0, a Heap overflow occurs in copynutf8str function of mqttparser.c...