Lucene search

K
EmqxNanomq

21 matches found

CVE
CVE
added 2024/02/26 5:15 p.m.5583 views

CVE-2024-25767

nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c.

6.5CVSS6.7AI score0.0015EPSS
CVE
CVE
added 2023/06/12 2:15 p.m.149 views

CVE-2023-34494

NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c.

7.5CVSS7.4AI score0.00225EPSS
CVE
CVE
added 2023/06/12 2:15 p.m.148 views

CVE-2023-34488

NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the conn_handler function of mqtt_parser.c when it processes malformed messages.

7.8CVSS7.7AI score0.00092EPSS
CVE
CVE
added 2023/06/08 12:15 p.m.142 views

CVE-2023-33660

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00121EPSS
CVE
CVE
added 2023/06/08 1:15 p.m.140 views

CVE-2023-33657

A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.

7.5CVSS7.3AI score0.0007EPSS
CVE
CVE
added 2023/05/04 5:15 p.m.104 views

CVE-2023-29995

In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c

7.5CVSS7.6AI score0.00102EPSS
CVE
CVE
added 2023/05/04 5:15 p.m.101 views

CVE-2023-29996

In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode.

7.5CVSS7.5AI score0.0009EPSS
CVE
CVE
added 2023/05/04 5:15 p.m.97 views

CVE-2023-29994

In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.

7.5CVSS7.6AI score0.00078EPSS
CVE
CVE
added 2024/04/17 7:15 p.m.56 views

CVE-2024-31041

Null Pointer Dereference vulnerability in topic_filtern function in mqtt_parser.c in NanoMQ 0.21.7 allows attackers to cause a denial of service.

7.5CVSS6.7AI score0.00141EPSS
CVE
CVE
added 2024/04/22 10:15 p.m.53 views

CVE-2024-31036

A heap-buffer-overflow vulnerability in the read_byte function in NanoMQ v.0.21.7 allows attackers to cause a denial of service via transmission of crafted hexstreams.

6.8CVSS6.7AI score0.00061EPSS
CVE
CVE
added 2024/04/17 7:15 p.m.50 views

CVE-2024-31040

Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.

2.7CVSS6.9AI score0.00328EPSS
CVE
CVE
added 2024/09/12 8:15 p.m.44 views

CVE-2024-44460

An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS).

7.5CVSS6.8AI score0.00196EPSS
CVE
CVE
added 2023/05/30 6:15 p.m.34 views

CVE-2023-33656

A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.

5.5CVSS5.3AI score0.00061EPSS
CVE
CVE
added 2023/06/08 12:15 p.m.34 views

CVE-2023-33658

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00093EPSS
CVE
CVE
added 2023/06/06 12:15 p.m.28 views

CVE-2023-33659

A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

7.5CVSS7.5AI score0.00113EPSS
CVE
CVE
added 2025/07/14 5:15 p.m.6 views

CVE-2024-42648

NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.

6.5CVSS7.6AI score0.00046EPSS
CVE
CVE
added 2025/07/14 5:15 p.m.6 views

CVE-2024-42649

NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.

6.5CVSS7.3AI score0.00046EPSS
CVE
CVE
added 2025/07/15 4:15 p.m.6 views

CVE-2024-42650

NanoMQ 0.17.5 was discovered to contain a segmentation fault via the component /nanomq/pub_handler.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.

7.5CVSS7.2AI score0.00043EPSS
CVE
CVE
added 2025/07/14 5:15 p.m.5 views

CVE-2024-42646

A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.

7.5CVSS7AI score0.00049EPSS
CVE
CVE
added 2025/07/29 7:15 p.m.5 views

CVE-2024-42651

NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message.

7.5CVSS6.9AI score0.00049EPSS
CVE
CVE
added 2025/07/29 7:15 p.m.5 views

CVE-2024-42655

An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.

8.8CVSS6.6AI score0.00039EPSS