Vulnerabilities (CVE)

Filtered by vendor Zeromq Subscribe
Filtered by product Zeromq
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-9721 1 Zeromq 1 Zeromq 2024-11-21 4.3 MEDIUM N/A
libzmq before 4.0.6 and 4.1.x before 4.1.1 allows remote attackers to conduct downgrade attacks and bypass ZMTP v3 protocol security mechanisms via a ZMTP v2 or earlier header.
CVE-2014-7203 1 Zeromq 1 Zeromq 2024-11-21 4.3 MEDIUM N/A
libzmq (aka ZeroMQ/C++) 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors.
CVE-2014-7202 1 Zeromq 1 Zeromq 2024-11-21 4.3 MEDIUM N/A
stream_engine.cpp in libzmq (aka ZeroMQ/C++)) 4.0.5 before 4.0.5 allows man-in-the-middle attackers to conduct downgrade attacks via a crafted connection request.
CVE-2021-20236 3 Fedoraproject, Redhat, Zeromq 4 Fedora, Ceph Storage, Enterprise Linux and 1 more 2024-02-04 7.5 HIGH 9.8 CRITICAL
A flaw was found in the ZeroMQ server in versions before 4.3.3. This flaw allows a malicious client to cause a stack buffer overflow on the server by sending crafted topic subscription requests and then unsubscribing. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.