Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache activemq vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-4040
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an malicious user to partially disrupt availability to the broker through a sustained attack of maliciously crafted...
Redhat Amq Broker
Apache Activemq Artemis
2.1
CVSSv2
CVE-2020-10727
A flaw was found in ActiveMQ Artemis management API from version 2.7.0 up until 2.12.0, where a user inadvertently stores passwords in plaintext in the Artemis shadow file (etc/artemis-users.properties file) when executing the `resetUsers` operation. A local attacker can use this...
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
5
CVSSv2
CVE-2021-26118
While investigating ARTEMIS-2964 it was found that the creation of advisory messages in the OpenWire protocol head of Apache ActiveMQ Artemis 2.15.0 bypassed policy based access control for the entire session. Production of advisory messages was not subject to access control in e...
Apache Activemq Artemis 2.15.0
Netapp Oncommand Workflow Automation -
NA
CVE-2022-35278
In Apache ActiveMQ Artemis before 2.24.0, an attacker could show malicious content and/or redirect users to a malicious URL in the web console by using HTML in the name of an address or queue.
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
4.3
CVSSv2
CVE-2020-13947
An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 up to and including 5.16.0.
Apache Activemq
Oracle Communications Session Route Manager
Oracle Communications Session Report Manager
5
CVSSv2
CVE-2022-23913
In Apache ActiveMQ Artemis before 2.20.0 or 2.19.1, an attacker could partially disrupt availability (DoS) through uncontrolled resource consumption of memory.
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Netapp Active Iq Unified Manager -
5.8
CVSSv2
CVE-2012-5784
Apache Axis 1.4 and previous versions, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the sub...
Apache Axis 1.0
Paypal Mass Pay -
Apache Axis -
Apache Axis 1.1
Apache Axis 1.2
Paypal Transactional Information Soap -
Paypal Payments Pro -
Apache Axis 1.2.1
Apache Activemq
Apache Axis
Apache Axis 1.3
5
CVSSv2
CVE-2021-26117
The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users ...
Apache Activemq
Apache Activemq Artemis
Netapp Oncommand Workflow Automation -
Debian Debian Linux 9.0
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Session Report Manager
Oracle Communications Element Manager
Oracle Communications Session Route Manager
4.3
CVSSv2
CVE-2020-13920
Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker...
Apache Activemq
Oracle Flexcube Private Banking 12.1.0
Oracle Flexcube Private Banking 12.0.0
Oracle Communications Diameter Signaling Router
Debian Debian Linux 9.0
4.3
CVSSv2
CVE-2019-0201
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string...
Apache Zookeeper 3.5.3
Apache Zookeeper 3.5.0
Apache Zookeeper
Apache Zookeeper 3.5.1
Apache Zookeeper 3.5.2
Apache Zookeeper 3.5.4
Apache Drill 1.16.0
Apache Activemq 5.15.9
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Fuse 1.0.0
Oracle Goldengate Stream Analytics
Oracle Siebel Core - Server Framework
Oracle Timesten In-memory Database
Netapp Hci Bootstrap Os -
Netapp Element Software -
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »