Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qpid vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
5
CVSSv2
CVE-2012-4459
Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
5
CVSSv2
CVE-2012-4460
The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and previous versions allow remote malicious users to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-o...
Apache Qpid 0.14
Apache Qpid 0.7
Apache Qpid 0.15
Apache Qpid 0.10
Apache Qpid 0.17
Apache Qpid
Apache Qpid 0.9
Apache Qpid 0.13
Apache Qpid 0.6
Apache Qpid 0.11
Apache Qpid 0.12
Apache Qpid 0.18
Apache Qpid 0.16
Apache Qpid 0.19
Apache Qpid 0.5
Apache Qpid 0.8
6.8
CVSSv2
CVE-2012-4446
The default configuration for Apache Qpid 0.20 and previous versions, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote malicious users to bypass authentication and have other unspecified impact via an ...
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid 0.8
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
5.8
CVSSv2
CVE-2013-1909
The Python client in Apache Qpid prior to 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitra...
Redhat Enterprise Mrg 2.0
Apache Qpid 0.11
Apache Qpid 0.12
Apache Qpid 0.13
Apache Qpid 0.14
Apache Qpid 0.16
Apache Qpid 0.18
Apache Qpid
Apache Qpid 0.19
Apache Qpid 0.5
Apache Qpid 0.6
Apache Qpid 0.7
Apache Qpid 0.8
Apache Qpid 0.10
Apache Qpid 0.15
Apache Qpid 0.17
Apache Qpid 0.9
5
CVSSv2
CVE-2012-2145
Apache Qpid 0.17 and previous versions does not properly restrict incoming client connections, which allows remote malicious users to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.12
Apache Qpid 0.14
Apache Qpid 0.16
Apache Qpid
Apache Qpid 0.9
Apache Qpid 0.10
Apache Qpid 0.6
4.3
CVSSv2
CVE-2016-4467
The C client and C-based client bindings in the Apache Qpid Proton library prior to 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChan...
Apache Qpid Proton 0.12.0
Apache Qpid Proton 0.12.1
Apache Qpid Proton 0.13.0
Apache Qpid Proton 0.11.1
Apache Qpid Proton 0.11.0
Apache Qpid Proton 0.10.0
Apache Qpid Proton 0.9.1
Apache Qpid Proton 0.12.2
Apache Qpid Proton 0.9.0
Apache Qpid Proton 0.8.0
5
CVSSv2
CVE-2012-3467
Apache QPID 0.14, 0.16, and previous versions uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote malicious users to bypass authentication.
Apache Qpid
Apache Qpid 0.6
Apache Qpid 0.14
Apache Qpid 0.5
5
CVSSv2
CVE-2016-8741
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It exists that these AuthenticationProviders in Apache Qpid Br...
Apache Qpid Broker-j 6.0.1
Apache Qpid Broker-j 6.0.2
Apache Qpid Broker-j 6.0.3
Apache Qpid Broker-j 6.0.4
Apache Qpid Broker-j 6.0.5
Apache Qpid Broker-j 6.1.0
5
CVSSv2
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated malicious user to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, ...
Apache Qpid Broker-j
Apache Qpid Broker-j 7.1.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »