Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
qpid vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2012-4446
The default configuration for Apache Qpid 0.20 and previous versions, when the federation_tag attribute is enabled, accepts AMQP connections without checking the source user ID, which allows remote malicious users to bypass authentication and have other unspecified impact via an ...
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid 0.8
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
445
VMScore
CVE-2012-4459
Integer overflow in the qpid::framing::Buffer::checkAvailable function in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (crash) via a crafted message, which triggers an out-of-bounds read.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
445
VMScore
CVE-2012-4460
The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and previous versions allow remote malicious users to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-o...
Apache Qpid 0.14
Apache Qpid 0.7
Apache Qpid 0.15
Apache Qpid 0.10
Apache Qpid 0.17
Apache Qpid
Apache Qpid 0.9
Apache Qpid 0.13
Apache Qpid 0.6
Apache Qpid 0.11
Apache Qpid 0.12
Apache Qpid 0.18
Apache Qpid 0.16
Apache Qpid 0.19
Apache Qpid 0.5
Apache Qpid 0.8
445
VMScore
CVE-2012-4458
The AMQP type decoder in Apache Qpid 0.20 and previous versions allows remote malicious users to cause a denial of service (memory consumption and server crash) via a large number of zero width elements in the client-properties map in a connection.start-ok message.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.6
Apache Qpid 0.5
Apache Qpid 0.16
Apache Qpid 0.15
Apache Qpid 0.14
Apache Qpid 0.13
Apache Qpid
Apache Qpid 0.18
Apache Qpid 0.11
Apache Qpid 0.9
Apache Qpid 0.19
Apache Qpid 0.17
Apache Qpid 0.12
Apache Qpid 0.10
516
VMScore
CVE-2013-1909
The Python client in Apache Qpid prior to 2.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle malicious users to spoof SSL servers via an arbitra...
Redhat Enterprise Mrg 2.0
Apache Qpid 0.11
Apache Qpid 0.12
Apache Qpid 0.13
Apache Qpid 0.14
Apache Qpid 0.16
Apache Qpid 0.18
Apache Qpid
Apache Qpid 0.19
Apache Qpid 0.5
Apache Qpid 0.6
Apache Qpid 0.7
Apache Qpid 0.8
Apache Qpid 0.10
Apache Qpid 0.15
Apache Qpid 0.17
Apache Qpid 0.9
445
VMScore
CVE-2012-2145
Apache Qpid 0.17 and previous versions does not properly restrict incoming client connections, which allows remote malicious users to cause a denial of service (file descriptor consumption) via a large number of incomplete connections.
Apache Qpid 0.8
Apache Qpid 0.7
Apache Qpid 0.12
Apache Qpid 0.14
Apache Qpid 0.16
Apache Qpid
Apache Qpid 0.9
Apache Qpid 0.10
Apache Qpid 0.6
383
VMScore
CVE-2016-4467
The C client and C-based client bindings in the Apache Qpid Proton library prior to 0.13.1 on Windows do not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate when using the SChan...
Apache Qpid Proton 0.12.0
Apache Qpid Proton 0.12.1
Apache Qpid Proton 0.13.0
Apache Qpid Proton 0.11.1
Apache Qpid Proton 0.11.0
Apache Qpid Proton 0.10.0
Apache Qpid Proton 0.9.1
Apache Qpid Proton 0.12.2
Apache Qpid Proton 0.9.0
Apache Qpid Proton 0.8.0
445
VMScore
CVE-2012-3467
Apache QPID 0.14, 0.16, and previous versions uses a NullAuthenticator mechanism to authenticate catch-up shadow connections to AMQP brokers, which allows remote malicious users to bypass authentication.
Apache Qpid
Apache Qpid 0.6
Apache Qpid 0.14
Apache Qpid 0.5
445
VMScore
CVE-2016-8741
The Apache Qpid Broker for Java can be configured to use different so called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It exists that these AuthenticationProviders in Apache Qpid Br...
Apache Qpid Broker-j 6.0.1
Apache Qpid Broker-j 6.0.2
Apache Qpid Broker-j 6.0.3
Apache Qpid Broker-j 6.0.4
Apache Qpid Broker-j 6.0.5
Apache Qpid Broker-j 6.1.0
445
VMScore
CVE-2019-0200
A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 6.0.0-7.0.6 (inclusive) and 7.1.0 which allows an unauthenticated malicious user to crash the broker instance by sending specially crafted commands using AMQP protocol versions below 1.0 (AMQP 0-8, 0-9, ...
Apache Qpid Broker-j
Apache Qpid Broker-j 7.1.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »