8 matches found
JLSEC-2026-517
An uncontrolled resource consumption memory leak flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disabled on the server, causing a...
CVE-2026-25767
LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policymaker” tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not...
CVE-2026-25767
LavinMQ is a high-performance message queue & streaming server. Before 2.6.8, an authenticated user, with the “Policymaker” tag, could create shovels bypassing access controls. an authenticated user with the "Policymaker" management tag could exploit it to read messages from vhosts they are not...
Cesanta Mongoose Buffer Error Vulnerability
Cesanta Mongoose is a suite of embedded server libraries from the Irish company Cesanta that includes features for TCP, HTTP client and server, and WenSocket client and server. A security vulnerability exists in Cesanta Mongoose version 7.11 that stems from not validating the length of...
ZeroMQ 资源管理错误漏洞
ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from an uncontrolled resource consumption flaw. A remote, unauthenticated attacker can exploit the vulnerability to send a crafted PUB message that consumes too much memory,...
CVE-2020-10071
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
Buffer overflow
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions...
Odoo Access Control Error Vulnerability (CNVD-2019-30571)
Odoo is an open source commercial system from the Belgian company Odoo. An access control error vulnerability exists in the portal message sending system in Odoo, which can be exploited by an attacker to publish messages...