Authentication flaw

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service channel outage by leveraging queue-manager rights...

CVE-2016-0379

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which allows remote authenticated users to cause a denial of service channel outage by leveraging queue-manager rights...

swarm - A Modular Distributed Penetration Testing Tool

Swarm is an open source modular distributed penetration testing Tool that use distributed task queue to implement communication in the master-slave mode system and use MongoDB for data storage. It consists of a distributed framework and function modules. The function module can be an entirely new...

CVE-2016-5879

MQCLI on IBM MQ Appliance M2000 and M2001 devices allows local users to execute arbitrary shell commands via a crafted 1 Disaster Recovery or 2 High Availability command...

IBM MQ Appliance Local Command Execution Vulnerability

The IBM MQ Appliance is a solution that supports IBM MQ deployment for new use cases and simplifies existing deployment options. A local command execution vulnerability exists in IBM MQ Appliance. A local attacker is allowed to exploit the vulnerability to execute arbitrary commands and obtain...

QEMU 'Transmit(tx) Queue' Handling Information Disclosure Vulnerability

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. An information disclosure vulnerability exists in the QEMU 'Transmittx Queue' processing, which allows attackers to exploit the vulnerability to obtain sensitive...

Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code

The vulnerability of the Windows operating system’s print queue dispatcher is related to security configuration errors. Exploiting this vulnerability allows a perpetrator performing a “man-in-the-middle” attack to execute arbitrary code using a specially crafted print driver during printer...

The vulnerability of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Windows operating system’s print queue dispatcher service is related to deficiencies in access control. Exploiting this vulnerability can allow an intruder, operating locally, to enhance their privileges through vectors related to file system writing operations...

DEBIAN-CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

Cross site scripting

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

CVE-2016-0782

The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting XSS attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a...

Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability (cisco-sa-20160804-wedge)

A vulnerability in the processing of Network Time Protocol NTP packets by Cisco IOS could allow an unauthenticated, remote attacker to cause an interface wedge and an eventual denial of service DoS condition on the affected device. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions...

The vulnerability of the WebSphere MQ message processing service allows attackers to escalate their privileges.

The vulnerability of the WebSphere MQ messaging service is related to errors in the management of registration data. Exploiting this vulnerability can allow a malicious actor, operating locally, to increase their privileges using the mqcertck tool...

The vulnerability of the WebSphere MQ message processing service allows attackers to circumvent existing access restrictions.

The vulnerability of the WebSphere MQ messaging service is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating locally, to circumvent existing access restrictions...

The vulnerability of the WebSphere MQ message processing service allows a perpetrator to trigger a service failure.

The vulnerability of the WebSphere MQ message queue manager agent is related to a memory leak. Exploiting this vulnerability allows an attacker, operating remotely, to cause service failures e.g., excessive memory consumption by triggering multiple errors...

The vulnerability of the WebSphere MQ message processing service, which allows a hacker to obtain confidential information

The vulnerability of the input console for running the runmqsc command of the WebSphere MQ messaging service is related to the lack of protection for operational data. Exploiting this vulnerability could allow an attacker acting locally to obtain confidential information...

activemq: Cross-site scripting vulnerabilities in web console

It was found that Apache Active MQ administration web console did not validate input correctly when creating a queue. An authenticated attacker could exploit this flaw via cross-site scripting and use it to access sensitive information or further attacks...

The vulnerability of the Windows operating system, which allows a perpetrator to increase their privileges or execute arbitrary code

Vulnerability exists in the Message Queue Service MSMQ, the BthPan.sys and MQAC.sys drivers. This allows a malicious individual to elevate their privileges within the system and execute arbitrary code...

The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.

The Google Chrome browser contains a vulnerability related to the implementation of SPDY in net/spdy/spdywritequeue.cc. Exploiting this vulnerability allows malicious actors to induce service failures i.e., out-of-bounds reading by using incorrect queue handling...