EUVD-2017-11062

Malware in sbrugna...

EUVD-2018-0677

Malware in sbrugna...

EUVD-2022-47716

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-51441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with access to the admin service to perform possible SSRF This...

CVE-2025-0926

CVE-2025-0926 affects AXIS Camera Station Pro. A non-admin user can remove system files, causing a boot loop by redirecting a file deletion during video recording. The issue is tied to Axis products and is mitigated by a patched Axis advisory; Axis has released a fixed version. Exploitation detai...

Security Bulletin: Apache axis.jar is present in older Statistics releases that use IBM SPSS C&DS

Summary Apache Axis is vulnerable to server-side request forgery, caused by a improper input validation by the service admin HTTP API. By sending a specially crafted request, an attacker could exploit this vulnerability to conduct SSRF attack. Customers using IBM SPSS Statistics versions 26-29 wi...

RHEL 5 : axis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - axis: Hard coded domain name in example web service named StockQuoteService.jws leading to remote code...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : axis (SUSE-SU-2024:0852-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0852-1 advisory. - UNSUPPORTED WHEN ASSIGNED Improper Input Validation vulnerability in Apache Axis allowed users with...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +53 more potentially affected by CVE-2023-51441 via axis:axis (>=1.2 <=1.3)

axis:axis MAVEN version =1.2, =1.2.5, =4.0, =1.6, =1.1, =1.0.0, =1.0.0, =1.0.0, =1.1.3 and more Source cves: CVE-2023-51441 Source advisory: OSV:GHSA-HR2C-P8RH-238H...

USN-6470-1 axis vulnerability

It was discovered that Axis incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2023-40743...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2023-40743 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2023-40743 Source advisory: OSV:GHSA-RMQP-9W4C-GC7W...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2012-5784 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2012-5784 Source advisory: OSV:GHSA-55W9-C3G2-4RRH...

cn.net.vidyo:dylink-vidyo-ws-sdk (>=2.1.0.16.RELEASE <=3.0.0.3.RELEASE), com.aftia.plugin:aem-build-maven-plugin.core (>=1.2.1 <=1.2.2) +286 more potentially affected by CVE-2012-5784 via org.apache.axis:axis (=1.4)

org.apache.axis:axis MAVEN version =1.4 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.axis:axis and may be impacted: - cn.net.vidyo:dylink-vidyo-ws-sdk =2.1.0.16.RELEASE, =1.2.1, =1.0.0, =1.4-build003, =0.9.1, =0.0.3.M1, =0.0.3.M1,...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2019-0227 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2019-0227 Source advisory: OSV:GHSA-H9GJ-RQRW-X4FQ...

Apache Axis Code Execution Vulnerability

Apache Axis is the United States Apache Apache Software Foundation of an open source , XML-based Web services architecture . The product contains a Java and C++ language implementation of the SOAP server , as well as a variety of utility services and APIs to generate and deploy Web services...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2018-8032 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2018-8032 Source advisory: OSV:GHSA-96JQ-75WH-2658...

activemq:activemq (=1.1), activemq:activemq-optional (=3.2) +325 more potentially affected by CVE-2014-3596 via axis:axis (>=1.2 <=1.4)

axis:axis MAVEN version =1.2, =1.2.5, =1.1.0, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.0.2, =5.6.4 and more Source cves: CVE-2014-3596 Source advisory: OSV:GHSA-R53V-VM87-F72C...

axis: missing connection hostname check against X.509 certificate name

Apache Axis did not verify that the server host name matched the domain name in the subject's Common Name CN or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name...

DEBIAN-CVE-2012-5784

Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or...