Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zeromq libzmq vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-6250
A pointer overflow, with code execution, exists in ZeroMQ libzmq (aka 0MQ) 4.2.x and 4.3.x prior to 4.3.1. A v2_decoder.cpp zmq::v2_decoder_t::size_ready integer overflow allows an authenticated malicious user to overwrite an arbitrary amount of bytes beyond the bounds of a buffe...
Zeromq Libzmq
Debian Debian Linux 9.0
668
VMScore
CVE-2020-36400
ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235.
Zeromq Libzmq 4.3.3
668
VMScore
CVE-2019-13132
In ZeroMQ libzmq prior to 4.0.9, 4.1.x prior to 4.1.7, and 4.2.x prior to 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack w...
Zeromq Libzmq
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Canonical Ubuntu Linux 19.04
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
605
VMScore
CVE-2021-20235
There's a flaw in the zeromq server in versions prior to 4.3.3 in src/decoder_allocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted requ...
Zeromq Libzmq
445
VMScore
CVE-2020-15166
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint that is fully configured with CURVE/ZAP, legitimate clients...
Zeromq Libzmq
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
383
VMScore
CVE-2021-20237
An uncontrolled resource consumption (memory leak) flaw was found in ZeroMQ's src/xpub.cpp in versions prior to 4.3.3. This flaw allows a remote unauthenticated malicious user to send crafted PUB messages that consume excessive memory if the CURVE/ZAP authentication is disab...
Zeromq Libzmq
383
VMScore
CVE-2021-20234
An uncontrolled resource consumption (memory leak) flaw was found in the ZeroMQ client in versions prior to 4.3.3 in src/pipe.cpp. This issue causes a client that connects to multiple malicious or compromised servers to crash. The highest threat from this vulnerability is to syst...
Zeromq Libzmq
383
VMScore
CVE-2014-9721
libzmq prior to 4.0.6 and 4.1.x prior to 4.1.1 allows remote malicious users to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
Zeromq Zeromq
Zeromq Zeromq 4.1.0
383
VMScore
CVE-2014-7202
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 prior to 4.0.5 allows man-in-the-middle malicious users to conduct downgrade attacks via a crafted connection request.
Zeromq Zeromq 4.0.0
Zeromq Zeromq 4.0.4
383
VMScore
CVE-2014-7203
libzmq (aka ZeroMQ/C++) 4.0.x prior to 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle malicious users to conduct replay attacks via unspecified vectors.
Zeromq Zeromq 4.0.2
Zeromq Zeromq 4.0.1
Zeromq Zeromq 4.0.4
Zeromq Zeromq 4.0.3
Zeromq Zeromq 4.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started