CRITICAL10.0CVE-2023-46604⚠ KEVApache ActiveMQ is vulnerable to Remote Code Execution from 0, < 5.16.1-1+deb11u1
CRITICAL9.8CVE-2016-3088⚠ KEVImproper Input Validation in Apache ActiveMQ from 0, < 5.14.0+dfsg-1
HIGH8.8⚠ KEVAuthenticated Apache ActiveMQ Broker and Apache ActiveMQ users could perform RCE via Jolokia MBeans
from 0
CRITICAL9.8Improper Restriction of XML External Entity Reference in Apache ActiveMQ
from 0, < 5.6.0+dfsg1-4
CRITICAL9.8activemq - security update
from 0, < 5.6.0+dfsg-1+deb7u2
CRITICAL9.8activemq - security update
from 0, < 5.13.2+dfsg-1
HIGH8.8Apache ActiveMQ: Authenticated low-privilege Web users retain Jolokia broker-management capability by default
from 0
HIGH8.8Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Jolokia `addNetworkConnector` Discovery Wrapper Bypass
from 0
HIGH8.8Apache ActiveMQ Vulnerable to Code Injection
from 0
HIGH8.8Apache ActiveMQ Vulnerable to Improper Input Validation and Code Injection
from 0
HIGH8.8activemq - security update
from 0, < 5.16.1-1+deb11u1
HIGH8.8activemq - security update
from 0, < 5.16.1-1+deb11u1
HIGH8.8activemq - security update
from 0, < 5.17.2+dfsg-2+deb12u1
HIGH8.1Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector
from 0
HIGH7.5Apache ActiveMQ: Denial of Service via Out of Memory vulnerability
from 0
HIGH7.5activemq - security update
from 0, < 5.16.1-1+deb11u2
HIGH7.5activemq - security update
from 0, < 5.16.1-1+deb11u2
HIGH7.5activemq - security update
from 0, < 5.6.0+dfsg1-4+deb8u1
HIGH7.5activemq - security update
from 0, < 5.6.0+dfsg-1+deb7u1
HIGH7.5Improper Authentication in Apache ActiveMQ and Apache Artemis
from 0, < 5.16.1-1
HIGH7.5mqtt-client - security update
from 0, < 5.15.9-1
HIGH7.4Improper Certificate Validation in Apache activemq-client
from 0, < 5.15.6-1
MEDIUM6.5Apache ActiveMQ Vulnerable to Cross-site Scripting
from 0
MEDIUM6.1Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties
from 0
MEDIUM6.1Improper Neutralization of Input During Web Page Generation Apache ActiveMQ
from 0, < 5.14.2+dfsg-1
MEDIUM6.1Cross-site scripting (XSS) in Apache ActiveMQ
from 0, < 5.16.1-1
MEDIUM6.1Apache ActiveMQ webconsole admin GUI is open to XSS
from 0, < 5.16.0-1
MEDIUM6.1Apache ActiveMQ web console vulnerable to Cross-site Scripting
from 0, < 5.15.6-1
MEDIUM5.9Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Durable Subscription Disclosure via Crafted BrokerInfo (OpenWire)
from 0
MEDIUM5.9activemq - security update
from 0, < 5.14.3-3+deb9u1
MEDIUM5.9activemq - security update
from 0, < 5.15.16-0+deb10u1
MEDIUM5.9activemq - security update
from 0, < 5.16.0-1
MEDIUM5.4Apache ActiveMQ is Vulnerable to Integer Overflow or Wraparound
from 0
MEDIUM5.4Improper Neutralization of Input During Web Page Generation in Apache ActiveMQ
from 0, < 5.13.2+dfsg-1
MEDIUM4.9activemq - security update
from 0, < 5.6.0+dfsg-1+deb7u3
MEDIUM4.9activemq - security update
from 0, < 5.14.3-3
MEDIUM4.3Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Incomplete authorization during destination removal
from 0
MEDIUM4.3Apache ActiveMQ: Improper validation and restriction of a classpath path name
from 0
LOW3.7activemq - security update
from 0, < 5.15.3-1
LOW3.7activemq - security update
from 0, < 5.14.3-3+deb9u2
—Denial of Service in Apache ActiveMQ
from 0, < 5.5.0+dfsg-5
—Improper Input Validation in Apache ActiveMQ
from 0, < 5.6.0+dfsg1-4
—Improper Authentication in Apache WSS4J
from 0, < 5.6.0+dfsg1-4