56 matches found
EUVD-2021-1379
Malware in sbrugna...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 01. Apache ActiveMQ & OpenWire - 1 Apac...
Exploit for Deserialization of Untrusted Data in Apache Activemq
Resumen Técnico del Ataque: CVE-2023-46604 El script explota un...
Security Bulletin: IBM Sterling Transformation Extender is vulnerable to multiple issues due to Keycloak, Swagger UI, IBM GSKit, and Apache ActiveMQ
Summary IBM Sterling Transformation Extender uses Keycloak, Swagger UI, IBM GSKit, and Apache ActiveMQ. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-46604 DESCRIPTION: Apache ActiveMQ and ActiveMQ Legacy OpenWire Module could allo...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 Exploit for CVE-2023-46604 This tool helps...
K000137761: Apache ActiveMQ vulnerability CVE-2023-46604
Security Advisory Description The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 RCE Pseudoshell This script leverages CVE-2023...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 This repository contains an exploit script and...
Apache ActiveMQ vulnerability used in ransomware attacks
On the 27 October, the Apache Software Foundation ASF announced a very serious vulnerability in Apache ActiveMQ that can be used to achieve remote code execution RCE. The Cybersecurity and Infrastructure Security Agency has now added this vulnerability to its Known Exploited Vulnerabilities...
VulnCheck KEV: CVE-2023-46604
Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath...
Apache ActiveMQ < 5.15.16 / 5.16.x < 5.16.7 / 5.17.x < 5.17.6 / 5.18.x < 5.18.3 RCE
Apache ActiveMQ is vulnerable to remote code execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. User...
Apache ActiveMQ Deserialization of Untrusted Data Vulnerability
Apache ActiveMQ contains a deserialization of untrusted data vulnerability that may allow a remote attacker with network access to a broker to run shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath...
Remote Code Execution
activemq is vulnerable to Remote Code Execution. The vulnerability is due to BaseDataStreamMarshaller.java as there is no class validation and does not verify that the loaded class is a valid Throwable. This allows an attacker to manipulate serialized class types within the OpenWire protocol,...
Apache ActiveMQ Deserialization Vulnerability
Apache ActiveMQ is the United States Apache Apache Foundation of a set of open source messaging middleware , which supports Java messaging services , clustering , Spring Framework and so on. Apache ActiveMQ there is a deserialization vulnerability , the vulnerability stems from the application in...
GHSA-CRG9-44H2-XW35 Apache ActiveMQ is vulnerable to Remote Code Execution
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users...
Apache ActiveMQ is vulnerable to Remote Code Execution
Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath. Users...
CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...
Design/Logic Flaw
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...
Exploit for Deserialization of Untrusted Data in Apache Activemq
ActiveMQ-RCE English Versionhttps://github.com/X1r0z/Act...
CVE-2023-46604
The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to caus...