songxpu

8 exploits Active since Dec 2022
CVE-2022-43272 WRITEUP HIGH WRITEUP
DCMTK 3.6.7 - Memory Leak in T_ASC_Association Object
DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object.
CVSS 7.5
CVE-2024-42644 WRITEUP HIGH WRITEUP
FlashMQ 1.14.0 - Denial of Service via QoS Assertion Failure in PublishCopyFactory
FlashMQ v1.14.0 was discovered to contain an assertion failure in the function PublishCopyFactory::getNewPublish, which occurs when the QoS value of the publish object is greater than 0.
CVSS 7.5
CVE-2024-42645 WRITEUP HIGH WRITEUP
FlashMQ 1.14.0 - Denial of Service via Crafted Retain Message
An issue in FlashMQ v1.14.0 allows attackers to cause an assertion failure via sending a crafted retain message, leading to a Denial of Service (DoS).
CVSS 7.5
CVE-2024-42646 WRITEUP HIGH WRITEUP
NanoMQ 0.21.10 - Denial of Service via Crafted Messages
A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
CVSS 7.5
CVE-2024-42648 WRITEUP MEDIUM WRITEUP
NanoMQ 0.22.10 - Denial of Service via Crafted CONNECT Message
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
CVSS 6.5
CVE-2024-42649 WRITEUP MEDIUM WRITEUP
NanoMQ v0.22.10 - Denial of Service via Memory Leak in PUBLISH Message Handling
NanoMQ v0.22.10 was discovered to contain a memory leak which allows attackers to cause a Denial of Service (DoS) via a crafted PUBLISH message.
CVSS 6.5
CVE-2024-42651 WRITEUP HIGH WRITEUP
NanoMQ 0.17.9 - Denial of Service via SUBSCRIBE Message Handling
NanoMQ v0.17.9 was discovered to contain a heap use-after-free vulnerability via the component sub_Ctx_handle. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted SUBSCRIBE message.
CVSS 7.5
CVE-2024-42655 WRITEUP HIGH WRITEUP
NanoMQ 0.21.10 - Improper Access Control via MQTT Wildcard Bypass
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and access sensitive system topic messages using MQTT wildcard characters.
CVSS 8.8