
22 matches found

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2019-3446

Malware in sbrugna...

CVSS 6.5 · AI score 7 · EPSS 0.16327
Exploits 0 · References 13

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2019-0481

Malware in sbrugna...

CVSS 7.5 · AI score 7.4 · EPSS 0.00544
Exploits 1 · References 3

RedhatCVE
added 2025/05/22 8:22 a.m. · 5 views

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVSS 7.5 · AI score 6.8 · EPSS 0.00544
Exploits 1 · References 1

Positive Technologies
added 2024/10/11 12:0 a.m. · 2 views

PT-2024-38981

Name of the Vulnerable Software and Affected Versions: Eclipse Mosquitto versions up to 2.0.18a Description: The issue allows an attacker to cause memory leaking, segmentation fault, or heap-use-after-free by sending specific sequences of packets, including "CONNECT", "DISCONNECT", "SUBSCRIBE",...

CVSS 9.8 · AI score 7 · EPSS 0.17889
Exploits 3 · References 44

Mageia
added 2019/11/30 1:6 p.m. · 37 views

Updated mosquitto packages fix security vulnerability

Updated mosquitto packages fix security vulnerability: A vulnerability was discovered in mosquitto, allowing a malicious MQTT client to cause a denial of service stack overflow and daemon crash, by sending a specially crafted SUBSCRIBE packet containing a topic with an extremely deep hierarchy...

CVSS 6.5 · AI score 2.2 · EPSS 0.16327
Exploits 0 · References 2

Tenable Nessus
added 2019/11/18 12:0 a.m. · 38 views

Debian DSA-4570-1 : mosquitto - security update

A vulnerability was discovered in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker, allowing a malicious MQTT client to cause a denial of service stack overflow and daemon crash, by sending a specially crafted SUBSCRIBE packet containing a topic with an extremely deep hierarchy. C...

CVSS 6.5 · AI score 7 · EPSS 0.16327
Exploits 0 · References 5

Tenable Nessus
added 2019/10/28 12:0 a.m. · 33 views

Debian DLA-1972-1 : mosquitto security update

Several issues have been found in mosquitto, a MQTT version 3.1/3.1.1 compatible message broker. CVE-2017-7655 A Null dereference vulnerability in the Mosquitto library could lead to crashes for those applications using the library. CVE-2018-12550 An ACL file with no statements was treated as...

CVSS 8.1 · AI score 7 · EPSS 0.16327
Exploits 1 · References 6

NVD
added 2019/09/19 2:15 p.m. · 15 views

CVE-2019-11779

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur...

CVSS 6.5 · AI score 6.7 · EPSS 0.16327
Exploits 0 · References 10

Prion
added 2019/09/19 2:15 p.m. · 21 views

Stack overflow

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur...

CVSS 4 · AI score 6.7 · EPSS 0.16327
Exploits 0 · References 10 · Affected Software 6

AlpineLinux
added 2019/09/19 1:30 p.m. · 46 views

CVE-2019-11779

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur...

CVSS 6.5 · AI score 6.9 · EPSS 0.16327
Exploits 0

Cvelist
added 2019/09/19 1:30 p.m. · 21 views

CVE-2019-11779

In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet containing a topic that consists of approximately 65400 or more '/' characters, i.e. the topic hierarchy separator, then a stack overflow will occur...

AI score 6.8 · EPSS 0.16327
Exploits 0 · References 10

Positive Technologies
added 2019/09/19 12:0 a.m. · 1 views

PT-2019-4894 · Eclipse +3 · Eclipse Mosquitto +3

Name of the Vulnerable Software and Affected Versions: Eclipse Mosquitto versions 1.5.0 through 1.6.5 Description: The issue is related to insufficient exception state checking, which can be exploited by a remote attacker to cause a denial of service. This can happen when a malicious MQTT client...

CVSS 8.1 · AI score 7.9 · EPSS 0.16327
Exploits 1 · References 52

Github Security Blog
added 2019/05/14 4:2 a.m. · 23 views

Improper Input Validation and Buffer Over-read in mqtt-packet

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVSS 7.5 · AI score 3.7 · EPSS 0.00544
Exploits 1 · References 3 · Affected Software 1

OSV
added 2019/05/06 5:29 p.m. · 1 views

DEBIAN-CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVSS 7.5 · AI score 7 · EPSS 0.00544
Exploits 1 · References 1

OSV
added 2019/05/06 5:29 p.m. · 0 views

UBUNTU-CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVSS 7.5 · AI score 5.8 · EPSS 0.00544
Exploits 1 · References 3

Debian CVE
added 2019/05/06 4:48 p.m. · 28 views

CVE-2019-5432

A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...

CVSS 7.5 · AI score 7.4 · EPSS 0.00544
Exploits 1

Snyk
added 2019/04/28 8:5 a.m. · 1 views

Buffer Over-read

Overview mqtt-packet is an Encoder and Decoder for MQTT. Affected versions of this package are vulnerable to Buffer Over-read. An attacker could trigger an out of range read on a buffer which throws a RangeError. MQTT Brokers using this module could be forced to crash by sending a specifically...

CVSS 7.5 · AI score 7 · EPSS 0.00544
Exploits 1 · References 2

NVD
added 2018/10/29 12:29 p.m. · 8 views

CVE-2018-18765

An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...

CVSS 9.1 · AI score 9 · EPSS 0.00359
Exploits 1 · References 2

OSV
added 2018/10/29 12:29 p.m. · 0 views

UBUNTU-CVE-2018-18764

An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially...

CVSS 9.1 · AI score 7.5 · EPSS 0.00359
Exploits 1 · References 2

OSV
added 2017/11/07 4:29 p.m. · 2 views

DEBIAN-CVE-2017-2893

An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet ove...

CVSS 7.5 · AI score 6.9 · EPSS 0.05265
Exploits 2 · References 1