
8 matches found

NVD
added 2025/10/24 9:16 p.m., 5 views

CVE-2025-62723

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, EPSS 0.00056
Exploits: 0, References: 3

OSV
added 2025/10/24 8:16 p.m., 2 views

CVE-2025-62723 FlashMQ does not release memory of queued QoS messages

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, AI score 6.8, EPSS 0.00056
Exploits: 0, References: 5

EUVD
added 2025/10/24 8:16 p.m., 2 views

EUVD-2025-35890

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.23.2, any authenticated user can create sessions and have them collect QoS messages. When not sent to a client, these are then not released upon eventual session expiration. Version 1.23.2 fixes the issue...

CVSS 4.3, AI score 6.2, EPSS 0.00056
Exploits: 0, References: 3

CVE
added 2025/10/24 8:16 p.m., 6 views

CVE-2025-62723

FlashMQ is an MQTT broker where, before 1.23.2, any authenticated user can create sessions that collect QoS messages. If not delivered to a client, these messages are not released when the session expires, which can lead to resource exhaustion or unreleased QoS data. The issue is fixed in version...

CVSS 4.3, AI score 6.4, EPSS 0.00056
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2023/11/06 8:57 a.m., 28 views

BIT-NGINX-INGRESS-CONTROLLER-2022-41742

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might...

CVSS 7.1, AI score 7, EPSS 0.00088
Exploits: 2, References: 10

RedHat Linux
added 2020/10/27 2:53 p.m., 1 views

jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files

Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system...

CVSS 6.5, AI score 5.9, EPSS 0.02419
Exploits: 0, References: 6

CNVD
added 2020/09/18 12:0 a.m., 1 views

CloudBees Jenkins Blue Ocean Arbitrary File Read Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some scheduled tasks. Jenkins Blue Ocean plug-in...

CVSS 6.5, AI score 7, EPSS 0.02419
Exploits: 0, References: 1

CNVD
added 2020/09/17 12:0 a.m., 1 views

CloudBees Jenkins Blue Ocean Privilege Permission and Access Control Issues Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools developed by the United States company CloudBees. The product is mainly used to monitor continuous software version release/testing projects and some scheduled tasks. Blue Ocean Plugin is used in one of the visua...

CVSS 4.3, AI score 6.8, EPSS 0.00061
Exploits: 0, References: 1