Skip to main content

Zeromq

4 CVEs product

Monthly

CVE-2021-20236 CRITICAL PATCH Act Now

A flaw was found in the ZeroMQ server in versions before 4.3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Zeromq Ceph Storage Enterprise Linux Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2014-9721 MEDIUM This Month

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Zeromq
NVD GitHub
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-7203 MEDIUM This Month

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zeromq
NVD GitHub
CVSS 2.0
4.3
EPSS
0.6%
CVE-2014-7202 MEDIUM This Month

stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zeromq
NVD GitHub
CVSS 2.0
4.3
EPSS
0.6%
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A flaw was found in the ZeroMQ server in versions before 4.3.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Zeromq Ceph Storage +2
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Zeromq
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zeromq
NVD GitHub
EPSS 1% CVSS 4.3
MEDIUM This Month

stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zeromq
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy