Vulnerabilities > Emqx

DATE CVE VULNERABILITY TITLE RISK
2023-05-30 CVE-2023-33656 Allocation of Resources Without Limits or Throttling vulnerability in Emqx Nanomq 0.17.2
A memory leak vulnerability exists in NanoMQ 0.17.2.
local
low complexity
emqx CWE-770
5.5
2023-05-04 CVE-2023-29994 Out-of-bounds Write vulnerability in Emqx Nanomq 0.15.0
In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.
network
low complexity
emqx CWE-787
7.5
2023-05-04 CVE-2023-29995 Out-of-bounds Write vulnerability in Emqx Nanomq 0.15.0
In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c
network
low complexity
emqx CWE-787
7.5
2023-05-04 CVE-2023-29996 NULL Pointer Dereference vulnerability in Emqx Nanomq 0.15.0
In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode.
network
low complexity
emqx CWE-476
7.5
2022-03-28 CVE-2021-46434 Unspecified vulnerability in Emqx 3.0.0
EMQ X Dashboard V3.0.0 is affected by username enumeration in the "/api /v3/auth" interface.
network
low complexity
emqx
5.3
2021-06-08 CVE-2021-33175 Allocation of Resources Without Limits or Throttling vulnerability in Emqx EMQ X Broker
EMQ X Broker versions prior to 4.2.8 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs.
network
low complexity
emqx CWE-770
7.5