12 matches found
CVE-2026-40860
Apache Camel CVE-2026-40860 describes unsafe deserialization of JMS ObjectMessage payloads in camel-jms, camel-sjms, camel-sjms2 and camel-amqp. The root cause is deserialization via javax.jms.ObjectMessage.getObject() without ObjectInputFilter or allow/deny lists, triggered when mapJmsMessage is...
EUVD-2021-7743
Malicious code in bioql PyPI...
CVE-2021-20318
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
Hardcoded credentials
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
CVE-2021-20318
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
CVE-2021-20318
The HornetQ component of Artemis in EAP 7 was not updated with the fix for CVE-2016-4978. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using a JMS ObjectMessage...
Red Hat JBoss Enterprise Application Platform 7 Code Issue Vulnerability
Red Hat JBoss Enterprise Application Platform 7 (Red Hat JBoss EAP 7) is a middleware platform from Red Hat (USA), built on open standards and compatible with the Java EE 7 specification. A code issue vulnerability exists in Artemis in Red Hat JBoss Enterprise Application Platform 7 that stems from the...
Security Bulletin: CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker
Summary: CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. Vulnerability Details: CVEID: CVE-2015-5254...
Security Bulletin: Vulnerability in Apache ActiveMQ affects IBM Control Center (CVE-2015-5254)
Summary: An Apache ActiveMQ vulnerability that could potentially allow a remote attacker to execute arbitrary code was addressed by IBM Control Center. Control Center is only vulnerable if configured to use JMS (Java Messaging Service). Vulnerability Details: CVEID: CVE-2015-5254 DESCRIPTION: Apache...
CVE-2016-0276
IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.7 on RHEL 6
An update is now available for Red Hat JBoss Enterprise Application Platform 7.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.0.7
An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...