34 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-33215
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats- server provides an MQTT client interface. Prior to...
CVE-2026-33215
NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. The nats-server provides an MQTT client interface. Prior to versions 2.11.15 and 2.12.5, Sessions and Messages can by hijacked via MQTT Client ID malfeasance. Versions 2.11.15 and 2.12.5 patch the issu...
MQTTX 跨站脚本漏洞
MQTTX is an open source MQTT client toolkit from EMQ Technologies. A cross-site scripting vulnerability exists in MQTTX version 1.12.0, which stems from improper handling of MQTT message payload rendering and could lead to cross-site scripting attacks...
CVE-2025-11643
A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furboimg of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated...
EUVD-2025-33906
A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furboimg of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated...
CVE-2025-11643
A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. Affected by this vulnerability is an unknown functionality of the file /squashfs-root/furboimg of the component MQTT Client Certificate. Performing manipulation results in hard-coded credentials. The attack may be initiated...
EUVD-2018-9361
Malware in sbrugna...
EUVD-2014-6002
Malware in sbrugna...
EUVD-2019-3446
Malware in sbrugna...
EUVD-2019-3445
Malware in sbrugna...
EUVD-2024-29366
Malicious code in bioql PyPI...
KMQTT 安全漏洞
KMQTT is a Kotlin multi-platform MQTT 3.1.1/5.0 client and proxy from the individual developer Davide Pianca. A security vulnerability exists in KMQTT version v0.4.8 that stems from allowing an attacker to cause a denial of service via a crafted request...
Malicious code in @mqttapplicationsamples/mqttjsclientextensions (npm)
--- -= Per source details. Do not edit below this line.=-...
Siemens SICAM Product Sensitive Information Plaintext Storage Vulnerability
The SICAM 8 power automation platform is a universal, integrated hardware and software-based solution for all applications in the power supply sector.The SICAM A8000 RTU Remote Terminal Unit series is a modular family of devices for remote control and automation applications in all areas of energ...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : mqtt-client vulnerability (USN-6685-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6685-1 advisory. It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this iss...
Ubuntu: Security Advisory (USN-6685-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6685-1: mqtt-client vulnerability
It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code...
Denial Of Service (DoS)
mosquitto is vulnerable to Denial of Service DoS. The vunerability allows a MQTT client connecting with a large number of user-property properties could cause denial of service...
SUSE CVE-2021-28166
In Eclipse Mosquitto version 2.0.0 to 2.0.9, if an authenticated client that had connected with MQTT v5 sent a crafted CONNACK message to the broker, a NULL pointer dereference would occur...
PT-2023-2790 · Inhand Networks · Inrouter 615 +1
Name of the Vulnerable Software and Affected Versions: InHand Networks InRouter 302 versions prior to IR302 V3.5.56 InHand Networks InRouter 615 versions prior to InRouter6XX-S-V2.3.0.r5542 Description: The issue is related to the use of insufficiently random values, specifically with the MQTT...