2667 matches found
Apache ActiveMQ 6.x < 6.1.2 - Broken Access Control
Apache ActiveMQ 6.x contains an unauthenticated API web context caused by default configuration lacking security measures in the Jetty server, letting anyone interact with broker APIs and messaging layers, exploit requires no authentication. id: CVE-2024-32114 info: name: Apache ActiveMQ 6.x 6.1....
ROOT-APP-MAVEN-CVE-2026-34197 CVE-2026-34197 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-34197 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41044 CVE-2026-41044 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41044 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
ROOT-APP-MAVEN-CVE-2026-41043 CVE-2026-41043 in io.root.org.apache.activemq:activemq-broker - Patched by Root
Root has patched CVE-2026-41043 in the io.root.org.apache.activemq:activemq-broker package for Root:Maven. Multiple fixed versions available...
CVE-2026-36590
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...
CVE-2026-36590
An issue in EMQ NanoMQ v.0.24.9 allows a remote attacker to cause a denial of service via the nniqosdbset function in brokertcp.c component...
CVE-2026-48581 Surface Broker SDMA Elevation of Privilege Vulnerability
...
CVE-2026-48581 Surface Broker SDMA Elevation of Privilege Vulnerability
...
Surface Broker SDMA Elevation of Privilege Vulnerability
Insufficient granularity of access control in Microsoft Surface allows an authorized attacker to elevate privileges locally...
CVE-2026-0276
A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...
CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability
A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...
CVE-2026-0276 Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability
A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...
EUVD-2026-42690
A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...
CVE-2026-0276
A privilege escalation vulnerability in Palo Alto Networks Cortex® XDR Broker VM enables a locally authenticated user to perform actions as the root user...
CVE-2026-0276
CVE-2026-0276 concerns Palo Alto Networks Cortex XDR Broker VM. The connected sources describe a privilege-escalation issue in the VM related to insecure privilege management that would allow a locally authenticated attacker to escalate to root privileges. There are no specific version numbers, r...
[SECURITY] Fedora 43 Update: rust-busd-0.5.0-3.fc43
A D-Bus bus broker implementation...
[SECURITY] Fedora 44 Update: rust-busd-0.5.0-3.fc44
A D-Bus bus broker implementation...
BIT-ACTIVEMQ-2026-50750 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: Pre-authentication OpenWire DoS following fix for CVE-2026-49270
Denial of Service via Out of Memory vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. Following the fix for CVE-2026-49270 an unauthenticated attacker can now cause broker OOM by sending an repeated BrokerInfo commands without sending a ConnectionInfo, until the broke...
BIT-ACTIVEMQ-2026-49434 Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All: LdapNetworkConnector instantiates denied transports and a remote-properties broker
Improper Input Validation vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ, Apache ActiveMQ All. An attacker that has access to publish or modify entries in LDAP that match the configured searchBase and searchFilter can instantiate denied transports inside the broker JVM. This can be used...
CVE-2026-14781
A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the emailverified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but...