Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activemq vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2014-7816
Directory traversal vulnerability in JBoss Undertow 1.0.x prior to 1.0.17, 1.1.x prior to 1.1.0.CR5, and 1.2.x prior to 1.2.0.Beta3, when running on Windows, allows remote malicious users to read arbitrary files via a .. (dot dot) in a resource URI.
Redhat Undertow
4.3
CVSSv2
CVE-2013-1880
Cross-site scripting (XSS) vulnerability in the Portfolio publisher servlet in the demo web application in Apache ActiveMQ prior to 5.9.0 allows remote malicious users to inject arbitrary web script or HTML via the refresh parameter to demo/portfolioPublish, a different vulnerabi...
Apache Activemq 5.6.0
Apache Activemq 5.5.1
Apache Activemq 5.3.0
Apache Activemq 5.2.0
Apache Activemq
Apache Activemq 5.7.0
Apache Activemq 5.3.2
Apache Activemq 5.3.1
Apache Activemq 5.5.0
Apache Activemq 5.4.2
Apache Activemq 5.1.0
Apache Activemq 5.0.0
Apache Activemq 5.4.1
Apache Activemq 5.4.0
5
CVSSv2
CVE-2013-5488
Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote malicious users to cause a denial ...
Cisco Unified Operations Manager -
Cisco Prime Lan Management Solution -
Cisco Unified Service Monitor -
Cisco Security Manager
4.3
CVSSv2
CVE-2013-1879
Cross-site scripting (XSS) vulnerability in scheduled.jsp in Apache ActiveMQ 5.8.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via vectors involving the "cron of a message."
Apache Activemq 5.5.0
Apache Activemq 5.5.1
Apache Activemq 5.0.0
Apache Activemq 5.3.0
Apache Activemq 5.4.2
Apache Activemq 5.2.0
Apache Activemq 5.3.1
Apache Activemq 5.6.0
Apache Activemq 5.3.2
Apache Activemq 5.1.0
Apache Activemq 5.7.0
Apache Activemq
Apache Activemq 5.4.1
Apache Activemq 5.4.0
6.4
CVSSv2
CVE-2013-3060
The web console in Apache ActiveMQ prior to 5.8.0 does not require authentication, which allows remote malicious users to obtain sensitive information or cause a denial of service via HTTP requests.
Apache Activemq 5.4.0
Apache Activemq 5.3.2
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 5.4.2
Apache Activemq 5.4.1
Apache Activemq 4.1.1
Apache Activemq 4.1.0
Apache Activemq
Apache Activemq 5.6.0
Apache Activemq 5.3.1
Apache Activemq 5.3.0
Apache Activemq 4.0
Apache Activemq 5.5.1
Apache Activemq 5.5.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 5.0.0
4.3
CVSSv2
CVE-2012-6092
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ prior to 5.8.0 allow remote malicious users to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publi...
Apache Activemq 5.3.0
Apache Activemq 4.1.0
Apache Activemq 5.4.0
Apache Activemq 5.5.1
Apache Activemq 5.4.1
Apache Activemq 5.3.1
Apache Activemq 5.2.0
Apache Activemq 5.0.0
Apache Activemq 4.0
Apache Activemq 4.0.2
Apache Activemq
Apache Activemq 4.0.1
Apache Activemq 5.1.0
Apache Activemq 5.5.0
Apache Activemq 5.3.2
Apache Activemq 4.1.1
Apache Activemq 5.6.0
Apache Activemq 5.4.2
5
CVSSv2
CVE-2012-6551
The default configuration of Apache ActiveMQ prior to 5.8.0 enables a sample web application, which allows remote malicious users to cause a denial of service (broker resource consumption) via HTTP requests.
Apache Activemq 5.4.0
Apache Activemq 5.3.2
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 5.4.2
Apache Activemq 5.4.1
Apache Activemq 4.1.1
Apache Activemq 4.1.0
Apache Activemq
Apache Activemq 5.6.0
Apache Activemq 5.3.1
Apache Activemq 5.3.0
Apache Activemq 4.0
Apache Activemq 5.5.1
Apache Activemq 5.5.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 5.0.0
5.8
CVSSv2
CVE-2012-5784
Apache Axis 1.4 and previous versions, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the sub...
Apache Axis 1.0
Paypal Mass Pay -
Apache Axis -
Apache Axis 1.1
Apache Axis 1.2
Paypal Transactional Information Soap -
Paypal Payments Pro -
Apache Axis 1.2.1
Apache Activemq
Apache Axis
Apache Axis 1.3
5
CVSSv2
CVE-2011-4905
Apache ActiveMQ prior to 5.6.0 allows remote malicious users to cause a denial of service (file-descriptor exhaustion and broker crash or hang) by sending many openwire failover:tcp:// connection requests.
Apache Activemq 5.3.1
Apache Activemq 5.3.0
Apache Activemq 5.2.0
Apache Activemq 5.1.0
Apache Activemq 3.0
Apache Activemq 2.1
Apache Activemq 2.0
Apache Activemq 1.5
Apache Activemq
Apache Activemq 5.5.0
Apache Activemq 5.4.3
Apache Activemq 4.0.2
Apache Activemq 4.0.1
Apache Activemq 4.0
Apache Activemq 5.4.2
Apache Activemq 5.4.0
Apache Activemq 4.1.2
Apache Activemq 4.1.0
Apache Activemq 3.2.1
Apache Activemq 3.1
Apache Activemq 1.4
Apache Activemq 1.2
5
CVSSv2
CVE-2010-1587
The Jetty ResourceHandler in Apache ActiveMQ 5.x prior to 5.3.2 and 5.4.x prior to 5.4.0 allows remote malicious users to read JSP source code via a // (slash slash) initial substring in a URI for (1) admin/index.jsp, (2) admin/queues.jsp, or (3) admin/topics.jsp.
Apache Activemq 5.3.0
Apache Activemq 5.3.1
Apache Activemq 5.0.0
Apache Activemq 5.4-snapshot
Apache Activemq 5.1.0
Apache Activemq 5.2.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »