25 matches found
CVE-2015-5254
creationtimestamp| type| source ---|---|--- 2026-04-20 04:00:04+00:00| seen| https://t.me/GithubRedTeam/81019 2026-04-20 09:00:05+00:00| published-proof-of-concept| Telegram/pmzKbihchBYeJvBnkfYLk5LESIxSAVi0zGHv3QahmixUjs...
EUVD-2022-4703
Malicious code in bioql PyPI...
Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management
Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper authentication validation when connecting to the JMX...
GHSA-P76J-5V6V-6C22 Apache NiFi JMS Deserialization issue
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...
Apache NiFi JMS Deserialization issue
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...
at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +273 more potentially affected by CVE-2015-5254 via org.apache.activemq:activemq-client (>=5.10.0 <=5.11.2)
org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2015-5254 Source advisory: OSV:GHSA-Q9HR-3PG4-3JP4...
com.hack23.cia:jms-broker (=2015.12.01), com.hack23.cia:service.component.agent.impl (=2015.12.01) +169 more potentially affected by CVE-2015-5254 via org.apache.activemq:activemq-client (>=5.12.0 <=5.12.1)
org.apache.activemq:activemq-client MAVEN version =5.12.0, =1.0.7, =1.0.7, =2.2.44, =2.2.94, =2.2.97, =2.2.97, =2.2.90, =2.2.96 and more Source cves: CVE-2015-5254 Source advisory: OSV:GHSA-Q9HR-3PG4-3JP4...
Security Bulletin: CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker
Summary CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service JMS ObjectMessage object. Vulnerability Details CVEID: CVE-2015-5254...
Apache ActiveMQ Plugin Remote Code Execution (CVE-2015-5254)
An insecure deserialization vulnerability exists in ActiveMQ server. This vulnerability is due to deserialization of untrusted data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Security Bulletin: Security vulnerabilities have been identified in IBM Tivoli Integrated Portal (TIP) shipped with Tivoli Business Service Manager (CVE-2015-5254, CVE-2014-3600, CVE-2014-3612, CVE-2014-8110, CVE-2014-3579)
Summary IBM Tivoli Integrated Portal TIP is shipped as a component of Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM Tivoli Integrated Portal TIP have been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin:...
Security Bulletin: A security vulnerability has been identified in Jazz for Service Management shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2015-5254)
Summary Jazz for Service Management JazzSM is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting JazzSM has been published in a security bulletin. Vulnerability Details Please consult the security bulletin OpenSource Apache ActiveMQ...
Security Bulletin: IBM Tivoli Netcool Impact affected by OpenSource Apache ActiveMQ Vulnerability (CVE-2015-5254)
Summary IBM Tivoli Netcool Impact has addressed the OpenSource Apache ActiveMQ Vulnerability. Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be...
Security Bulletin: OpenSource Apache ActiveMQ Vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2015-5254)
Summary OpenSource Apache ActiveMQ Vulnerability identified with Jazz for Service Management v1.1.3 Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can...
Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Tivoli System Automation Application Manager (CVE-2015-5254)
Summary There is a vulnerability in Apache ActiveMQ that is used by IBM Tivoli System Automation Application Manager. Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict th...
Deserialization of untrusted data
Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...
Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2017 CPU)
The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.171017 or 11.1.1.9.x prior to 11.1.1.9.171017. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CV...
Debian DSA-3524-1 : activemq - security update
It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-anno uncement.txt. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...
Debian Security Advisory DSA 3524-1 (activemq - security update)
It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt . OpenVAS Vulnerability Test $Id: deb3524.nasl 6608...
DSA-3524-1 activemq - security update
Bulletin has no description...
Fedora 22 : activemq-5.6.0-14.fc22 (2015-7ca4368b0c)
fix for CVE-2015-5254 rhbz1291292,1291293 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...