Search CVE reports
111 – 120 of 27818 results
Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core (HardenedObjectInputStream (logback-core) modules) allows Object Injection, albeit heavily restricted. More precisely, an attacker able to...
1 affected package
logback
| Package | 26.04 LTS |
|---|---|
| logback | Needs evaluation |
Exposure of Sensitive Information Through Metadata vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Brokers that are configured with a network connector with syncDurableSubs set to true, are...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-admin (low-privilege) web-login...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the...
2 affected packages
mina, mina2
| Package | 26.04 LTS |
|---|---|
| mina | Not in release |
| mina2 | Needs evaluation |
Incomplete authorization by Apache ActiveMQ server before versions v6.2.6 and v5.19.7 allows authenticated connections to remove existing destinations with proper permissions. This issue affects Apache ActiveMQ Broker: before...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly...
1 affected package
lucene-solr
| Package | 26.04 LTS |
|---|---|
| lucene-solr | Needs evaluation |
Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into...
1 affected package
activemq
| Package | 26.04 LTS |
|---|---|
| activemq | Needs evaluation |
A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. The manipulation of...
1 affected package
assimp
| Package | 26.04 LTS |
|---|---|
| assimp | Needs evaluation |