Lucene search
K

29 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:9 a.m.7 views

CVE-2019-11778

If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1.6.4 inclusive, sets a last will and testament, sets a will delay interval, sets a session expiry interval, and the will delay interval is set longer than the session expiry interval, then a use after free error occurs, which h...

5.5CVSS6.8AI score0.00761EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/11/28 8:8 p.m.7 views

CVE-2025-65953

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free UAF vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library specifically in src/sp/transport/mqtt/brokertcp.c. The vulnerability...

6CVSS6.8AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/11/25 11:15 p.m.8 views

CVE-2025-65953

NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. Prior to version 0.22.5, a Heap-Use-After-Free UAF vulnerability exists in the TCP transport component of NanoMQ, which relies on the underlying NanoNNG library specifically in src/sp/transport/mqtt/brokertcp.c. The vulnerability...

6CVSS0.00192EPSS
Exploits0References1
CVE
CVE
added 2025/11/25 11:13 p.m.15 views

CVE-2025-65953

NanoMQ (MQTT Broker) prior to 0.22.5 contains a Heap-Use-After-Free vulnerability in the TCP transport, caused by improper resource management and premature cleanup of message/pipe structures in src/sp/transport/mqtt/broker_tcp.c under certain malformed MQTTV5 retain traffic conditions. Affects N...

6CVSS6.5AI score0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2021-14859

Malware in sbrugna...

6.5CVSS6.7AI score0.00968EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-21087

Malware in sbrugna...

6.5CVSS6.3AI score0.01113EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2021-28191

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.0126EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2022/05/20 10:52 p.m.26 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1References1
NVD
NVD
added 2021/12/01 8:15 p.m.21 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS0.0126EPSS
Exploits1References2
OSV
OSV
added 2021/12/01 8:15 p.m.26 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS6.5AI score
Exploits0References2
OSV
OSV
added 2021/12/01 8:15 p.m.2 views

DEBIAN-CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS7.2AI score0.0126EPSS
Exploits1References1
Prion
Prion
added 2021/12/01 8:15 p.m.21 views

Denial of service

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

5CVSS7.2AI score0.0126EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinux
added 2021/12/01 8:15 p.m.36 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS3.3AI score0.0126EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2021/12/01 8:15 p.m.24 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS7.1AI score0.0126EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/12/01 12:0 a.m.35 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5AI score0.0126EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2021/12/01 12:0 a.m.24 views

CVE-2021-41039

In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service...

7.5CVSS7.3AI score0.0126EPSS
Exploits1
Prion
Prion
added 2021/07/22 2:15 p.m.23 views

Memory corruption

In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker...

4CVSS6.3AI score0.01113EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2021/07/22 2:15 p.m.34 views

CVE-2021-34431

In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker...

6.5CVSS6.6AI score0.01113EPSS
Exploits0References3
OSV
OSV
added 2021/07/12 9:57 p.m.3 views

MGASA-2021-0349 Updated mosquitto packages fix security vulnerability

Updated mosquitto packages fix security vulnerability: If an authenticated client connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur. For other fixes in this update, see the mosquitto.org blog reference...

6.9AI score
Exploits0References3
Veracode
Veracode
added 2021/04/19 5:21 p.m.11 views

Denial Of Service (DoS)

Eclipse Mosquitto is vulnerable to denial of service. If an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur...

6.5CVSS3.4AI score0.00968EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder