Nanomq

nanomq

Vendor: Emqx • 32 CVEs

CVEs (32)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-31040 1Emqx 1Nanomq Jun 10, 2025 Apr 17, 2024 N/A· v4 2.7 LOW· v3 N/A· v2 Buffer Overflow vulnerability in the get_var_integer function in mqtt_parser.c in NanoMQ 0.21.7 allows remote attackers to cause a denial of service via a series of specially crafted hexstreams.
CVE-2024-25767 1Emqx 1Nanomq May 1, 2025 Feb 26, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 nanomq 0.21.2 contains a Use-After-Free vulnerability in /nanomq/nng/src/core/socket.c.
CVE-2023-34494 1Emqx 1Nanomq Nov 21, 2024 Jun 12, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 NanoMQ 0.16.5 is vulnerable to heap-use-after-free in the nano_ctx_send function of nmq_mqtt.c.
CVE-2023-34488 1Emqx 1Nanomq Sep 24, 2025 Jun 12, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 NanoMQ 0.17.5 has a one-byte heap-based buffer over-read in the conn_handler function of mqtt_parser.c when it processes malformed messages.
CVE-2023-33657 1Emqx 1Nanomq Jan 6, 2025 Jun 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data...Show more A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.Show less
CVE-2023-33660 1Emqx 1Nanomq Jan 6, 2025 Jun 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a deni...Show more A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.Show less
CVE-2023-33658 1Emqx 1Nanomq Jan 6, 2025 Jun 8, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause...Show more A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_msg_get_pub_pid() in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack.Show less
CVE-2023-33659 1Emqx 1Nanomq Jan 8, 2025 Jun 6, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cau...Show more A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nmq_subinfo_decode() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.Show less
CVE-2023-33656 1Emqx 1Nanomq Jan 10, 2025 May 30, 2023 N/A· v4 5.5 MEDIUM· v3 N/A· v2 A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume...Show more A memory leak vulnerability exists in NanoMQ 0.17.2. The vulnerability is located in the file message.c. An attacker could exploit this vulnerability to cause a denial of service attack by causing the program to consume all available memory resources.Show less
CVE-2023-29996 1Emqx 1Nanomq Jan 29, 2025 May 4, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In NanoMQ v0.15.0-0, segment fault with Null Pointer Dereference occurs in the process of decoding subinfo_decode and unsubinfo_decode.
CVE-2023-29995 1Emqx 1Nanomq Jan 29, 2025 May 4, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In NanoMQ v0.15.0-0, a Heap overflow occurs in copyn_utf8_str function of mqtt_parser.c
CVE-2023-29994 1Emqx 1Nanomq Jan 29, 2025 May 4, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 In NanoMQ v0.15.0-0, Heap overflow occurs in read_byte function of mqtt_code.c.

Previous 12