Lucene search

973 matches found

ATTACKERKB
added 2021/08/13 4:15 p.m. · 1 views

CVE-2021-37703

Discourse is an open-source platform for community discussion. In Discourse before versions 2.7.8 and 2.8.0.beta5, a user's read state for a topic such as the last read post number and the notification level is exposed...

4.3 CVSS · 5.3 AI score · 0.00844 EPSS
Exploits 0 · References 3 · Affected Software 1
CNNVD
added 2021/08/13 12:0 a.m. · 4 views

Discourse Information Disclosure Vulnerability

Discourse is an open source community discussion platform that includes community, email and chat room features. Discourse suffers from an information disclosure vulnerability that stems from not adding a valid configuration to the...

4.3 CVSS · 5.7 AI score · 0.00844 EPSS
Exploits 0 · References 3
OSV
added 2021/07/27 4:15 p.m. · 1 views

DEBIAN-CVE-2021-34432

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0...

7.5 CVSS · 7.3 AI score · 0.01247 EPSS
Exploits 1 · References 1
OSV
added 2021/07/27 4:15 p.m. · 2 views

ALPINE-CVE-2021-34432

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0...

7.5 CVSS · 6.9 AI score · 0.01247 EPSS
Exploits 1 · References 1
UbuntuCve
added 2021/07/27 4:15 p.m. · 24 views

CVE-2021-34432

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0...

7.5 CVSS · 7.1 AI score · 0.01247 EPSS
Exploits 1 · References 3
OSV
added 2021/07/27 4:15 p.m. · 0 views

UBUNTU-CVE-2021-34432

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0...

7.5 CVSS · 7.1 AI score · 0.01247 EPSS
Exploits 1 · References 4
Debian CVE
added 2021/07/27 3:25 p.m. · 26 views

CVE-2021-34432

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0...

7.5 CVSS · 7.4 AI score · 0.01247 EPSS
Exploits 1
Positive Technologies
added 2021/07/01 12:0 a.m. · 4 views

PT-2021-12045 · Unknown · Uwebsockets

Name of the Vulnerable Software and Affected Versions: uWebSockets versions 18.11.0 through 18.12.0 Description: The issue is related to a stack-based buffer overflow in the uWS::TopicTree::trimTree function, which is called from uWS::TopicTree::unsubscribeAll. The vendor disputes the severity of...

8.8 CVSS · 7.7 AI score · 0.01523 EPSS
Exploits 1 · References 7
BDU FSTEC
added 2021/06/29 12:0 a.m. · 5 views

The vulnerability of the get_topic_info() function (sys/CODOF/Forum/Topic.php) in the Codoforum forum creation software allows a violator to execute arbitrary code.

The vulnerability of the gettopicinfo function sys/CODOF/Forum/Topic.php in the Codoforum forum creation software relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary code on the target system remotely...

10 CVSS · 8.3 AI score · 0.04915 EPSS
Exploits 1 · References 7 · Affected Software 1
CNVD
added 2021/06/02 12:0 a.m. · 13 views

Unspecified Vulnerability in ZeroMQ

ZeroMQ is a lightweight distributed messaging engine core library. A security vulnerability exists in ZeroMQ server versions prior to 4.3.3, which stems from a vulnerability that allows a malicious client to cause a stack buffer overflow on the server by sending a carefully crafted topic...

9.8 CVSS · 7 AI score · 0.01602 EPSS
Exploits 0 · References 1
NVD
added 2021/05/28 11:15 a.m. · 21 views

CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

9.8 CVSS · 0.01602 EPSS
Exploits 0 · References 2
OSV
added 2021/05/28 11:15 a.m. · 1 views

DEBIAN-CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

9.8 CVSS · 8.4 AI score · 0.01602 EPSS
Exploits 0 · References 1
Snyk
added 2021/05/28 11:15 a.m. · 1 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribin...

9.8 CVSS · 7 AI score · 0.01602 EPSS
Exploits 0 · References 3
Debian CVE
added 2021/05/28 10:42 a.m. · 30 views

CVE-2021-20236

A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as...

9.8 CVSS · 8.5 AI score · 0.01602 EPSS
Exploits 0
CNNVD
added 2021/05/28 12:0 a.m. · 3 views

ZeroMQ Buffer Error Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library. A security vulnerability exists in ZeroMQ server versions prior to 4.3.3, which stems from a vulnerability that allows a malicious client to cause a stack buffer overflow on the server by sending a carefully crafted topic...

9.8 CVSS · 8.6 AI score · 0.01602 EPSS
Exploits 0 · References 2
Positive Technologies
added 2021/05/28 12:0 a.m. · 3 views

PT-2021-8015 · Zeromq +2 · Zeromq +2

Name of the Vulnerable Software and Affected Versions: ZeroMQ versions prior to 4.3.3 Description: A flaw in the ZeroMQ server allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. This poses a threat to...

10 CVSS · 9.5 AI score · 0.01602 EPSS
Exploits 0 · References 16
OSV
added 2021/05/12 12:15 p.m. · 3 views

CVE-2020-13873

A SQL Injection vulnerability in gettopicinfo in sys/CODOF/Forum/Topic.php in Codoforum before 4.9 allows remote attackers pre-authentication to bypass the admin page via a leaked password-reset token of the admin. As an admin, an attacker can upload a PHP shell and execute remote code on the...

9.8 CVSS · 7.7 AI score · 0.04915 EPSS
Exploits 1 · References 6
OSV
added 2021/03/24 4:15 p.m. · 2 views

CVE-2020-35337

ThinkSAAS before 3.38 contains a SQL injection vulnerability through app/topic/action/admin/topic.php via the title parameter, which allows remote attackers to execute arbitrary SQL commands...

9.8 CVSS · 6.1 AI score · 0.01945 EPSS
Exploits 1 · References 2
ThreatPost
added 2021/03/15 6:17 p.m. · 47 views

Cyberattacks See Fundamental Changes, A Year into COVID-19

COVID-19-related phishing emails, brute-force attacks on remote workers, and a focus on exploiting or abusing collaboration platforms are the hallmarks of cybercriminal enterprise as the coronavirus marks its first anniversary of going global. A year after the COVID-19 crisis was officially...

7.2 AI score
Exploits 0 · References 11
RedhatCVE
added 2021/02/12 3:29 p.m. · 38 views

CVE-2021-20236

A flaw was found in the ZeroMQ server. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system...

9.8 CVSS · 8.5 AI score · 0.01602 EPSS
Exploits 0 · References 4