Lucene search
K

8 matches found

OSV
OSV
added 2026/05/20 4:2 a.m.10 views

JLSEC-2026-517

An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...

7.5CVSS7.1AI score0.01694EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/14 1:27 a.m.5 views

CVE-2026-25767

LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policymaker” tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not...

8.6CVSS5.5AI score0.00251EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/12 7:49 p.m.4 views

CVE-2026-25767

LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policymaker” tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not...

8.6CVSS5.5AI score0.00251EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2023/08/09 12:0 a.m.4 views

Cesanta Mongoose Buffer Error Vulnerability

Cesanta Mongoose is a suite of embedded server libraries from the Irish company Cesanta that includes features for TCP, HTTP client and server, and WenSocket client and server. A security vulnerability exists in Cesanta Mongoose version 7.11 that stems from not validating the length of...

8.8CVSS6.8AI score0.01014EPSS
Exploits1References4
CNNVD
CNNVD
added 2021/05/28 12:0 a.m.4 views

ZeroMQ 资源管理错误漏洞

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from an uncontrolled resource consumption flaw. A remote, unauthenticated attacker can exploit the vulnerability to send a crafted PUB message that consumes too much memory,...

7.5CVSS8.3AI score0.01694EPSS
Exploits0References2
OSV
OSV
added 2020/06/05 6:15 p.m.5 views

CVE-2020-10071

The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...

9.8CVSS6.4AI score0.03395EPSS
Exploits0References4
Prion
Prion
added 2020/06/05 6:15 p.m.20 views

Buffer overflow

The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...

7.5CVSS9.9AI score0.03395EPSS
Exploits0References4Affected Software1
CNVD
CNVD
added 2019/07/02 12:0 a.m.2 views

Odoo Access Control Error Vulnerability (CNVD-2019-30571)

Odoo is an open source commercial system from the Belgian company Odoo. An access control error vulnerability exists in the portal message sending system in Odoo, which can be exploited by an attacker to publish messages...

5.3CVSS6.9AI score0.01399EPSS
Exploits0References1
Rows per page
Query Builder