Shodan
Vulnerabilities
Vulnerable Software
Emqx:  >> Nanomq  Security Vulnerabilities
CVE-2024-25767
nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-02-26
CVE-2023-34488
NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the conn_handler function of mqtt_parser.c when it processes malformed messages.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-06-12
CVE-2023-34494
NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-06-12
CVE-2023-33657
A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-08
CVE-2023-33658
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-08
CVE-2023-33660
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-08
CVE-2023-33659
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-06-06
CVE-2023-33656
A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-05-30
CVE-2023-29994
In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-04
CVE-2023-29995
In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c
CVSS Score
7.5
EPSS Score
0.001
Published
2023-05-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved