252449 matches found
CVE-2026-42588 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...
CVE-2026-42588 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...
CVE-2026-42588
Apache ActiveMQ (Broker, All, and ActiveMQ) is affected by CVE-2026-42588 via the Jolokia JMX-HTTP bridge exposed on the web console (/api/jolokia/). The vulnerability arises when an authenticated attacker uses a crafted discovery URI to trigger the VM transport’s brokerConfig parameter with a ma...
CVE-2026-45505 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Jolokia `addNetworkConnector` Discovery Wrapper Bypass
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...
EUVD-2026-33576
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...
CVE-2026-45505
Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...
Exploit for Stack-based Buffer Overflow in Microsoft
CVE-2026-41089 ██████╗██╗ ██╗███████╗ ██╗ ██╗ ██╗...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
CVE-2026-20452
The CVE-2026-20452 entry concerns memory corruption in the wlan AP driver caused by a heap buffer overflow. Impact is remote (proximal/adjacent) code execution with HIGH confidentiality, integrity, and availability impact, exploitable with adjacent network access, low privileges, and no user inte...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
EUVD-2026-33541
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
Important: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Apache HTTP Server: mod_proxy_ajp: Apache HTTP Server mod_proxy_ajp: Arbitrary code execution via heap-based buffer overflow
A flaw was found in modproxyajp of Apache HTTP Server. This heap-based buffer overflow vulnerability allows a remote attacker, by connecting to a malicious AJP Apache JServ Protocol server, to send a specially crafted message. This message can cause modproxyajp to write attacker-controlled data...
PUB-A-449160232
In Modem, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
Apache ActiveMQ 安全漏洞
Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability stems from the default access policy of the...
PT-2026-45420
Name of the Vulnerable Software and Affected Versions HP Poly VVX 150 HP Poly VVX 250 HP Poly VVX 350 HP Poly VVX 450 HP Poly Trio 8300 HP Poly Trio 8500 HP Poly Trio 8800 Description An unauthenticated stack-based buffer overflow exists in HP Poly Voice products on the Linux platform during the...
IBM WebSphere Application Server(WAS) 代码注入漏洞
IBM WebSphere Application Server is an enterprise-level Java application server, primarily used for deploying and running Java enterprise applications. IBM WebSphere Application Server has a security control bypass vulnerability. This vulnerability stems from the improper implementation of securi...
aiter 代码问题漏洞
aiter is a high-performance AI operator library open source by AMD ROCm™ Software, providing optimized GPU cores for inference and training. Versions of aiter prior to 0.1.14 contain code vulnerabilities. These vulnerabilities stem from unauthenticated remote code execution in the MessageQueue.re...