Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache activemq vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2012-5784
Apache Axis 1.4 and previous versions, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the sub...
Apache Axis 1.0
Paypal Mass Pay -
Apache Axis -
Apache Axis 1.1
Apache Axis 1.2
Paypal Transactional Information Soap -
Paypal Payments Pro -
Apache Axis 1.2.1
Apache Activemq
Apache Axis
Apache Axis 1.3
5
CVSSv2
CVE-2022-23913
In Apache ActiveMQ Artemis before 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
5
CVSSv2
CVE-2021-26117
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users ...
Apache Activemq
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Communications Session Route Manager
5
CVSSv2
CVE-2021-26118
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in e...
Apache Activemq Artemis 2.15.0
Netapp Oncommand Workflow Automation -
5
CVSSv2
CVE-2019-0222
In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive.
Apache Activemq
Netapp E-series Santricity Web Services -
Oracle Enterprise Repository 12.1.3.0.0
Oracle Enterprise Manager Base Platform 13.2.0.0.0
Oracle Enterprise Manager Base Platform 12.1.0.5.0
Oracle Enterprise Manager Base Platform 13.3.0.0.0
Oracle Goldengate Stream Analytics
Oracle Identity Manager Connector 9.0
Oracle Communications Diameter Signaling Router 8.2.1
Oracle Communications Diameter Signaling Router 8.0.0
Oracle Communications Diameter Signaling Router 8.1
Oracle Communications Diameter Signaling Router 8.2
Debian Debian Linux 9.0
5
CVSSv2
CVE-2018-1310
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache Ni...
Apache Nifi
5
CVSSv2
CVE-2015-6524
The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Apache ActiveMQ 5.x prior to 5.10.1 allows wildcard operators in usernames, which allows remote malicious users to obtain credentials via a brute force attack. NOTE: this identifier ...
Fedoraproject Fedora 22
Fedoraproject Fedora 23
Apache Activemq 5.0.0
Apache Activemq 5.4.0
Apache Activemq 5.4.2
Apache Activemq 5.7.0
Apache Activemq 5.9.0
Apache Activemq 5.4.3
Apache Activemq 5.5.0
Apache Activemq 5.5.1
Apache Activemq 5.6.0
Apache Activemq 5.10.0
Apache Activemq 5.2.0
Apache Activemq 5.3.0
Apache Activemq 5.3.1
Apache Activemq 5.1.0
Apache Activemq 5.3.2
Apache Activemq 5.4.1
Apache Activemq 5.8.0
Apache Activemq 5.9.1
5
CVSSv2
CVE-2015-1830
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x prior to 5.11.2 for Windows allows remote malicious users to create JSP files in arbitrary directories via unspecified vectors.
Apache Activemq 5.0.0
Apache Activemq 5.1.0
Apache Activemq 5.2.0
Apache Activemq 5.3.0
Apache Activemq 5.3.1
Apache Activemq 5.3.2
Apache Activemq 5.4.0
Apache Activemq 5.4.1
Apache Activemq 5.4.2
Apache Activemq 5.4.3
Apache Activemq 5.5.0
Apache Activemq 5.5.1
Apache Activemq 5.6.0
Apache Activemq 5.7.0
Apache Activemq 5.8.0
Apache Activemq 5.9.0
Apache Activemq 5.9.1
Apache Activemq 5.10.0
Apache Activemq 5.10.1
Apache Activemq 5.10.2
Apache Activemq 5.11.0
Apache Activemq 5.11.1
2 EDB exploits
1 Github repository
5
CVSSv2
CVE-2014-3576
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ prior to 5.11.0 allows remote malicious users to cause a denial of service (shutdown) via a shutdown command.
Apache Activemq
Oracle Business Intelligence Publisher 12.2.1.0.0
Oracle Fusion Middleware 11.1.1.7.4
Oracle Fusion Middleware 9.0
Oracle Fusion Middleware 12.1.3.0.0
Oracle Fusion Middleware 8.1
5
CVSSv2
CVE-2014-7816
Directory traversal vulnerability in JBoss Undertow 1.0.x prior to 1.0.17, 1.1.x prior to 1.1.0.CR5, and 1.2.x prior to 1.2.0.Beta3, when running on Windows, allows remote malicious users to read arbitrary files via a .. (dot dot) in a resource URI.
Redhat Undertow
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »