Filter
AND
Eclipse MosquittoWhen Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use a password file for aut…
8.1
First published (updated )
Eclipse MosquittoWhen Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) is configured to use an ACL file, and that A…
8.1
First published (updated )
Eclipse MosquittoThe broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused…
7.5
First published (updated )
Eclipse MosquittoIn versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse MosquittoIn Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will me…
7.5
First published (updated )
CVE-2023-5632Unconditionally adding an event to the epoll causes excessive CPU consumption
7.5
EPSS
0.04%
First published (updated )
ubuntu/mosquittoIn Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto …
7.5
First published (updated )
Debian Debian LinuxIn Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then …
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse MosquittoEclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set …
7.5
First published (updated )
Debian Debian LinuxIn Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memo…
7.5
First published (updated )
Fedoraproject FedoraIn Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT client sends a SUBSCRIBE packet c…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse MosquittoIn Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/cl…
6.5
First published (updated )
Eclipse MosquittoIn Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message to …
6.5
First published (updated )
Eclipse MosquittoIn Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT …
6.5
First published (updated )
debian/mosquittoIn Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that ar…
5.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Fedoraproject FedoraIn Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability …
5.3
First published (updated )