Lucene search
+L

2667 matches found

Nuclei
Nuclei
added 13 hours ago15 views

Apache ActiveMQ 6.x < 6.1.2 - Broken Access Control

Apache ActiveMQ 6.x contains an unauthenticated API web context caused by default configuration lacking security measures in the Jetty server, letting anyone interact with broker APIs and messaging layers, exploit requires no authentication. id: CVE-2024-32114 info: name: Apache ActiveMQ 6.x 6.1....

8.8CVSS7.9AI score0.0692EPSS
Exploits1References4
OSV
OSV
added yesterday11 views

ROOT-APP-MAVEN-CVE-2026-34197 CVE-2026-34197 in io.root.org.apache.activemq:activemq-broker - Patched by Root

Root has patched CVE-2026-34197 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...

8.8CVSS7.1AI score0.96666EPSS
Exploits14
OSV
OSV
added yesterday14 views

ROOT-APP-MAVEN-CVE-2026-41044 CVE-2026-41044 in io.root.org.apache.activemq:activemq-broker - Patched by Root

Root has patched CVE-2026-41044 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...

8.8CVSS5.8AI score0.0098EPSS
Exploits0
OSV
OSV
added yesterday8 views

ROOT-APP-MAVEN-CVE-2026-41043 CVE-2026-41043 in io.root.org.apache.activemq:activemq-broker - Patched by Root

Root has patched CVE-2026-41043 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...

6.5CVSS5.3AI score0.0056EPSS
Exploits0
NVD
NVD
added 2 days ago7 views

CVE-2026-36590

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

7.5CVSS0.00289EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-36590

An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...

0.00289EPSS
Exploits0References2
Cvelist
Cvelist
added 3 days ago24 views

CVE-2026-48581 Surface Broker SDMA Elevation of Privilege Vulnerability

...

7.8CVSS0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago3 views

CVE-2026-48581 Surface Broker SDMA Elevation of Privilege Vulnerability

...

7.8CVSS6.1AI score0.00219EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 3 days ago6 views

Surface Broker SDMA Elevation of Privilege Vulnerability

Insufficient granularity of access control in Microsoft Surface allows an authorized attacker to elevate privileges locally...

7.8CVSS6.1AI score0.00219EPSS
Exploits0
NVD
NVD
added 2026/07/09 8:16 p.m.6 views

CVE-2026-0276

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

7.8CVSS0.00137EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/09 7:17 p.m.41 views

CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS0.00137EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/07/09 7:17 p.m.7 views

CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS6.1AI score0.00137EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/09 7:17 p.m.8 views

EUVD-2026-42690

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS6AI score0.00137EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/09 7:17 p.m.7 views

CVE-2026-0276

A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...

4.8CVSS6AI score0.00137EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/09 7:17 p.m.7 views

CVE-2026-0276

CVE-2026-0276 concerns Palo Alto Networks Cortex XDR Broker VM. The connected sources describe a privilege-escalation issue in the VM related to insecure privilege management that would allow a locally authenticated attacker to escalate to root privileges. There are no specific version numbers, r...

7.8CVSS6AI score0.00137EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2026/07/06 3:10 p.m.18 views

[SECURITY] Fedora 43 Update: rust-busd-0.5.0-3.fc43

A D-Bus bus broker implementation...

5.9AI score
Exploits0
Fedora
Fedora
added 2026/07/06 2:55 p.m.10 views

[SECURITY] Fedora 44 Update: rust-busd-0.5.0-3.fc44

A D-Bus bus broker implementation...

5.9AI score
Exploits0
OSV
OSV
added 2026/07/06 5:47 a.m.4 views

BIT-ACTIVEMQ-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270

Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...

7.5CVSS5.9AI score0.00707EPSS
Exploits0References2
OSV
OSV
added 2026/07/06 5:47 a.m.4 views

BIT-ACTIVEMQ-2026-49434 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker

Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used...

7.5CVSS5.9AI score0.00659EPSS
Exploits0References3
NVD
NVD
added 2026/07/05 7:16 a.m.11 views

CVE-2026-14781

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...

4.8CVSS0.00196EPSS
Exploits0References2
Rows per page
Query Builder