Vulnerabilities > Zeromq
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-01 | CVE-2020-36400 | Out-of-bounds Write vulnerability in Zeromq Libzmq 4.3.3 ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235. | 7.5 |
2021-05-28 | CVE-2021-20236 | Out-of-bounds Write vulnerability in multiple products A flaw was found in the ZeroMQ server in versions before 4.3.3. | 9.8 |
2021-05-28 | CVE-2021-20237 | Memory Leak vulnerability in Zeromq Libzmq An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions before 4.3.3. | 4.3 |
2021-04-01 | CVE-2021-20235 | Out-of-bounds Write vulnerability in Zeromq Libzmq There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. | 8.1 |
2021-04-01 | CVE-2021-20234 | Memory Leak vulnerability in Zeromq Libzmq An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions before 4.3.3 in src/pipe.cpp. | 4.3 |
2020-09-11 | CVE-2020-15166 | Resource Exhaustion vulnerability in multiple products In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. | 7.5 |
2019-07-10 | CVE-2019-13132 | Out-of-bounds Write vulnerability in multiple products In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. | 9.8 |
2019-01-13 | CVE-2019-6250 | Integer Overflow or Wraparound vulnerability in multiple products A pointer overflow, with code execution, was discovered in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x before 4.3.1. | 9.0 |
2015-06-03 | CVE-2014-9721 | Improper Input Validation vulnerability in Zeromq libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header. | 4.3 |
2014-10-08 | CVE-2014-7203 | Security Bypass vulnerability in ZeroMQ libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors. network zeromq | 4.3 |