Astra Linux – Vulnerability in Zeromq3

A uncontrolled resource consumption memory leak flaw was discovered in ZeroMQ’s src/xpub.cpp in versions prior to 4.3.3. This flaw allows a remote unauthenticated attacker to send crafted PUB messages that consume excessive memory if CURVE/ZAP authentication is disabled on the server, resulting i...

EUVD-2020-7240

Malware in sbrugna...

EUVD-2014-7076

Malware in sbrugna...

EUVD-2021-7676

Malicious code in bioql PyPI...

EUVD-2023-31803

Malicious code in bioql PyPI...

The vulnerability of the asynchronous messaging library ZeroMQ, related to the occurrence of stack buffer overflows on the server, allows attackers to compromise the confidentiality, integrity, and accessibility of the system.

The vulnerability of the asynchronous messaging library ZeroMQ relates to the invocation of a buffer overflow on the server. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the system by sending specially crafted subscription...

CVE-2023-28078

Dell OS10 Networking Switches running 10.5.2.x and above contain a vulnerability with zeroMQ when VLT is configured. A remote unauthenticated attacker could potentially exploit this vulnerability leading to information disclosure and a possible Denial of Service when a huge number of requests are...

OESA-2024-1133 zeromq security update

ZeroMQ also spelled ØMQ, 0MQ or ZMQ is a high-performance asynchronous messaging library, aimed at use in distributed or concurrent applications. It provides a message queue, but unlike message-oriented middleware, a ZeroMQ system can run without a dedicated message broker. The library's API is...

SUSE CVE-2014-7202

streamengine.cpp in libzmq aka ZeroMQ/C++ 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request...

Unspecified Vulnerability in ZeroMQ

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ server versions prior to 4.3.3, which stems from a vulnerability that allows a malicious client to cause a stack buffer overflow on the server by sending a carefully crafted topic...

ZeroMQ Resource Management Error Vulnerability

ZeroMQ is a lightweight distributed messaging engine core library . A security vulnerability exists in ZeroMQ that stems from an uncontrolled resource consumption flaw. A remote, unauthenticated attacker can exploit the vulnerability to send a crafted PUB message that consumes too much memory,...

SUSE-SU-2020:3264-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2020-15166: Fixed the possibility of unauthenticated clients causing a denial-of-service bsc1176116. - Fixed a heap overflow when receiving malformed ZMTP v1 packets bsc1176256 - Fixed a memory leak in client induced by malicious servers...

DEBIAN-CVE-2020-15166

In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients will not be able...

PT-2020-6974 · Zeromq +3 · Zeromq +3

Name of the Vulnerable Software and Affected Versions: ZeroMQ versions prior to 4.3.3 Description: An uncontrolled resource consumption flaw, also known as a memory leak, was found in ZeroMQ's src/xpub.cpp. This issue allows a remote unauthenticated attacker to send crafted PUB messages that...

DEBIAN-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

SUSE-SU-2019:1785-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. bsc1140255...

USN-4050-1: ZeroMQ vulnerability

It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code...

SUSE-SU-2019:14117-1 Security update for zeromq

This update for zeromq fixes the following issues: - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. bsc1140255...

UBUNTU-CVE-2019-13132

In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due...

The vulnerability of the libzmq library in the messaging system ZeroMQ allows a hacker to execute arbitrary code.

The vulnerability of the libzmq library in the messaging system ZeroMQ is due to a numerical overflow condition. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...