Lucene search
K

56 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-1379

Malware in sbrugna...

7.5CVSS7.6AI score0.04008EPSS
Exploits0References11
GithubExploit
GithubExploit
added 2025/02/27 2:49 a.m.136 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 01. Apache ActiveMQ & OpenWire - 1 Apac...

10CVSS8.3AI score0.99654EPSS
Exploits31
GithubExploit
GithubExploit
added 2024/05/31 12:38 a.m.289 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

Resumen Técnico del Ataque: CVE-2023-46604 El script explota un...

10CVSS9.9AI score0.99654EPSS
Exploits31
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/31 1:35 p.m.41 views

Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues due to Keycloak, Swagger UI, IBM GSKit, and Apache ActiveMQ

Summary IBM Sterling Transformation Extender uses Keycloak, Swagger UI, IBM GSKit, and Apache ActiveMQ. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-46604 DESCRIPTION: Apache ActiveMQ and ActiveMQ Legacy OpenWire Module could allo...

10CVSS8.7AI score0.99654EPSS
Exploits35Affected Software1
GithubExploit
GithubExploit
added 2023/12/09 7:19 p.m.337 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 Exploit for CVE-2023-46604 This tool helps...

10CVSS10AI score0.99654EPSS
Exploits31
F5 Networks
F5 Networks
added 2023/12/01 11:43 p.m.39 views

K000137761: Apache ActiveMQ vulnerability CVE-2023-46604

Security Advisory Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in...

10CVSS8.3AI score0.99654EPSS
Exploits31
GithubExploit
GithubExploit
added 2023/11/12 11:26 a.m.381 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 RCE Pseudoshell This script leverages CVE-2023...

10CVSS10AI score0.99654EPSS
Exploits31
GithubExploit
GithubExploit
added 2023/11/04 11:58 a.m.759 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 This repository contains an exploit script and...

10CVSS9.4AI score0.99654EPSS
Exploits31
Malwarebytes
Malwarebytes
added 2023/11/03 4:41 p.m.82 views

Apache ActiveMQ vulnerability used in ransomware attacks

On the 27 October, the Apache Software Foundation ASF announced a very serious vulnerability in Apache ActiveMQ that can be used to achieve remote code execution RCE. The Cybersecurity and Infrastructure Security Agency has now added this vulnerability to its Known Exploited Vulnerabilities...

7.5CVSS10AI score0.99654EPSS
Exploits31
VulnCheck KEV
VulnCheck KEV
added 2023/11/02 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-46604

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath...

10CVSS7.1AI score0.99654EPSS
Exploits31References1
Tenable Nessus
Tenable Nessus
added 2023/11/02 12:0 a.m.109 views

Apache ActiveMQ < 5.15.16 / 5.16.x < 5.16.7 / 5.17.x < 5.17.6 / 5.18.x < 5.18.3 RCE

Apache ActiveMQ is vulnerable to remote code execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. User...

10CVSS8.4AI score0.99654EPSS
Exploits31References3
CISA KEV Catalog
CISA KEV Catalog
added 2023/11/02 12:0 a.m.109 views

Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath...

10CVSS7.5AI score0.99654EPSS
In wildExploits31
Veracode
Veracode
added 2023/10/31 11:2 a.m.42 views

Remote Code Execution

activemq is vulnerable to Remote Code Execution. The vulnerability is due to BaseDataStreamMarshaller.java as there is no class validation and does not verify that the loaded class is a valid Throwable. This allows an attacker to manipulate serialized class types within the OpenWire protocol,...

10CVSS7.5AI score0.99654EPSS
Exploits31References11Affected Software3
CNVD
CNVD
added 2023/10/31 12:0 a.m.8 views

Apache ActiveMQ Deserialization Vulnerability

Apache ActiveMQ is the United States Apache Apache Foundation of a set of open source messaging middleware , which supports Java messaging services , clustering , Spring Framework and so on. Apache ActiveMQ there is a deserialization vulnerability , the vulnerability stems from the application in...

10CVSS7.5AI score0.99654EPSS
Exploits31References1
OSV
OSV
added 2023/10/27 3:30 p.m.2 views

GHSA-CRG9-44H2-XW35 Apache ActiveMQ is vulnerable to Remote Code Execution

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users...

10CVSS7AI score0.99654EPSS
Exploits31References20
Github Security Blog
Github Security Blog
added 2023/10/27 3:30 p.m.88 views

Apache ActiveMQ is vulnerable to Remote Code Execution

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users...

10CVSS8AI score0.99654EPSS
Exploits31References20Affected Software2
NVD
NVD
added 2023/10/27 3:15 p.m.31 views

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

10CVSS9.8AI score0.99654EPSS
Exploits31References8
Prion
Prion
added 2023/10/27 3:15 p.m.60 views

Design/Logic Flaw

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

7.5CVSS9.5AI score0.99654EPSS
Exploits31References5Affected Software2
GithubExploit
GithubExploit
added 2023/10/27 5:57 a.m.628 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ-RCE English Versionhttps://github.com/X1r0z/Act...

10CVSS9.3AI score0.99654EPSS
Exploits31
ATTACKERKB
ATTACKERKB
added 2023/10/27 12:0 a.m.57 views

CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...

10CVSS9.9AI score0.99654EPSS
In wildExploits31References13
Rows per page
Query Builder