Astra Linux - уязвимость в zeromq3

A uncontrolled resource consumption memory leak flaw was discovered in ZeroMQ’s src/xpub.cpp in versions prior to 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if CURVE/ZAP authentication is disabled on the server, resulting i...

EUVD-2014-7076

Malware in sbrugna...

EUVD-2020-7240

Malware in sbrugna...

EUVD-2021-7676

Malicious code in bioql PyPI...

EUVD-2023-31803

Malicious code in bioql PyPI...

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

OESA-2024-1133 zeromq security update

ZeroMQ also spelled ØMQ, 0MQ or ZMQ is a high-performance asynchronous messaging library, aimed at use in distributed or concurrent applications. It provides a message queue, but unlike message-oriented middleware, a ZeroMQ system can run without a dedicated message broker. The library's API is...

SUSE CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

Unspecified Vulnerability in ZeroMQ

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ server versions prior to 4.3.3, which stems from a vulnerability that allows a malicious client to cause a stack buffer overflow on the server by sending a carefully crafted topic...

ZeroMQ Resource Management Error Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from an uncontrolled resource consumption flaw. A remote, unauthenticated attacker can exploit the vulnerability to send a crafted PUB message that consumes too much memory,...

SUSE-SU-2020:3264-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2020-15166: Fixed the possibility of unauthenticated clients causing a denial-of-service bsc1176116. - Fixed a heap overflow when receiving malformed ZMTP v1 packets bsc1176256 - Fixed a memory leak in client induced by malicious servers...

DEBIAN-CVE-2020-15166

In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able...

PT-2020-6974 · Zeromq +3 · Zeromq +3

Name of the Vulnerable Software and Affected Versions: ZeroMQ versions prior to 4.3.3 Description: An uncontrolled resource consumption flaw, also known as a memory leak, was found in ZeroMQ's src/xpub.cpp. This issue allows a remote unauthenticated attacker to send crafted PUB messages that...

DEBIAN-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

SUSE-SU-2019:1785-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. bsc1140255...

USN-4050-1: ZeroMQ vulnerability

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code...

SUSE-SU-2019:14117-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. bsc1140255...

UBUNTU-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

SUSE-SU-2019:0110-1 Security update for zeromq

This update for zeromq fixes the following issues: Security issue fixed: - CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow bsc1121717...

CVE-2014-7203

libzmq aka ZeroMQ/C++ 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors...