CVE-2020-13947

An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...

Fedora: Security Advisory (FEDORA-2024-58c67dbb21)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: mingw-qt5-qtsvg-5.15.12-1.fc39

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 39 Update: mingw-qt5-qtactiveqt-5.15.12-1.fc39

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 39 Update: mingw-qt5-qtcharts-5.15.12-1.fc39

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 39 Update: mingw-qt5-qt3d-5.15.12-1.fc39

This package contains the Qt software toolkit for developing cross-platform applications. This is the Windows version of Qt, for use in conjunction with the Fedora Windows cross-compiler...

[SECURITY] Fedora 34 Update: kernel-5.15.12-100.fc34

The kernel meta package...

GSD-2021-1002843 phonet/pep: refuse to enable an unbound pipe

phonet/pep: refuse to enable an unbound pipe This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002831 ipmi: ssif: initialize ssif_info->client early

ipmi: ssif: initialize ssifinfo-client early This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

GSD-2021-1002829 Input: elantech - fix stack out of bound access in elantech_change_report_id()

Input: elantech - fix stack out of bound access in elantechchangereportid This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.12 by commit...

DEBIAN-CVE-2020-13947

An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0...

Apache ActiveMQ 跨站脚本漏洞

Apache ActiveMQ is the United States Apache Apache Foundation of a set of open source messaging middleware , which supports Java messaging services , clustering , Spring Framework and so on. A cross-site scripting vulnerability exists in Apache ActiveMQ versions 5.15.12 through 5.16.0, which stem...

PT-2021-9682 · Apache · Apache Activemq

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions 5.15.12 through 5.16.0 Description: A cross-site scripting issue was found in the web-based administration console, specifically on the message.jsp page. Recommendations: For Apache ActiveMQ versions 5.15.12 through...

UBUNTU-CVE-2020-13920

Apache ActiveMQ uses LocateRegistry.createRegistry to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to...

PT-2020-13781 · Apache +2 · Apache Activemq +2

Name of the Vulnerable Software and Affected Versions: Apache ActiveMQ versions prior to 5.15.12 Description: The issue allows an attacker to connect to the JMX RMI registry without authentication and rebind the jmxrmi entry. By creating a proxy server, an attacker can intercept user credentials...