Lucene search
K

25 matches found

Circl
Circl
added 2026/04/20 4:0 a.m.6 views

CVE-2015-5254

creationtimestamp| type| source ---|---|--- 2026-04-20 04:00:04+00:00| seen| https://t.me/GithubRedTeam/81019 2026-04-20 09:00:05+00:00| published-proof-of-concept| Telegram/pmzKbihchBYeJvBnkfYLk5LESIxSAVi0zGHv3QahmixUjs...

9.8CVSS8.2AI score0.38191EPSS
Exploits4References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-4703

Malicious code in bioql PyPI...

7.5CVSS8.5AI score0.03176EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/02 12:46 p.m.61 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF15 patch Vulnerability Details CVEID:CVE-2020-13920 DESCRIPTION: Apache ActiveMQ is vulnerable to a man-in-the-middle attack, caused by improper authentication validation when connecting to the JMX...

9.8CVSS9.8AI score0.98518EPSS
Exploits26Affected Software1
Github Security Blog
Github Security Blog
added 2022/05/14 3:16 a.m.52 views

Apache NiFi JMS Deserialization issue

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...

7.5CVSS4.1AI score0.03176EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/05/14 3:16 a.m.35 views

GHSA-P76J-5V6V-6C22 Apache NiFi JMS Deserialization issue

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...

7.5CVSS6.9AI score0.03176EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.4 views

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +273 more potentially affected by CVE-2015-5254 via org.apache.activemq:activemq-client (>=5.10.0 <=5.11.2)

org.apache.activemq:activemq-client MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2015-5254 Source advisory: OSV:GHSA-Q9HR-3PG4-3JP4...

9.8CVSS7.1AI score0.38191EPSS
Exploits4
vulnersOsv
vulnersOsv
added 2022/05/13 1:30 a.m.6 views

com.hack23.cia:jms-broker (=2015.12.01), com.hack23.cia:service.component.agent.impl (=2015.12.01) +169 more potentially affected by CVE-2015-5254 via org.apache.activemq:activemq-client (>=5.12.0 <=5.12.1)

org.apache.activemq:activemq-client MAVEN version =5.12.0, =1.0.7, =1.0.7, =2.2.44, =2.2.94, =2.2.97, =2.2.97, =2.2.90, =2.2.96 and more Source cves: CVE-2015-5254 Source advisory: OSV:GHSA-Q9HR-3PG4-3JP4...

9.8CVSS7.1AI score0.38191EPSS
Exploits4
IBM Security Bulletins
IBM Security Bulletins
added 2020/08/04 6:46 p.m.47 views

Security Bulletin: CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker

Summary CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service JMS ObjectMessage object. Vulnerability Details CVEID: CVE-2015-5254...

9.8CVSS3.2AI score0.38191EPSS
Exploits4Affected Software1
Check Point Advisories
Check Point Advisories
added 2019/09/09 12:0 a.m.4 views

Apache ActiveMQ Plugin Remote Code Execution (CVE-2015-5254)

An insecure deserialization vulnerability exists in ActiveMQ server. This vulnerability is due to deserialization of untrusted data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS6.1AI score0.38191EPSS
Exploits4
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:50 p.m.44 views

Security Bulletin: Security vulnerabilities have been identified in IBM Tivoli Integrated Portal (TIP) shipped with Tivoli Business Service Manager (CVE-2015-5254, CVE-2014-3600, CVE-2014-3612, CVE-2014-8110, CVE-2014-3579)

Summary IBM Tivoli Integrated Portal TIP is shipped as a component of Tivoli Business Service Manager. Information about security vulnerabilities affecting IBM Tivoli Integrated Portal TIP have been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin:...

9.8CVSS2.8AI score0.38191EPSS
Exploits5Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:48 p.m.46 views

Security Bulletin: A security vulnerability has been identified in Jazz for Service Management shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2015-5254)

Summary Jazz for Service Management JazzSM is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting JazzSM has been published in a security bulletin. Vulnerability Details Please consult the security bulletin OpenSource Apache ActiveMQ...

9.8CVSS1.5AI score0.38191EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:48 p.m.35 views

Security Bulletin: IBM Tivoli Netcool Impact affected by OpenSource Apache ActiveMQ Vulnerability (CVE-2015-5254)

Summary IBM Tivoli Netcool Impact has addressed the OpenSource Apache ActiveMQ Vulnerability. Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can be...

9.8CVSS1.2AI score0.38191EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:47 p.m.34 views

Security Bulletin: OpenSource Apache ActiveMQ Vulnerability identified with Jazz for Service Management (JazzSM) v1.1.3 (CVE-2015-5254)

Summary OpenSource Apache ActiveMQ Vulnerability identified with Jazz for Service Management v1.1.3 Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict the classes that can...

9.8CVSS2.4AI score0.38191EPSS
Exploits4Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/17 3:18 p.m.37 views

Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Tivoli System Automation Application Manager (CVE-2015-5254)

Summary There is a vulnerability in Apache ActiveMQ that is used by IBM Tivoli System Automation Application Manager. Vulnerability Details CVEID: CVE-2015-5254 DESCRIPTION: Apache ActiveMQ could allow a remote attacker to execute arbitrary code on the system, caused by the failure to restrict th...

9.8CVSS1AI score0.38191EPSS
Exploits4Affected Software1
Prion
Prion
added 2018/05/23 2:29 p.m.25 views

Deserialization of untrusted data

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Malicious JMS content could cause denial of service. See ActiveMQ CVE-2015-5254 announcement for more information. The fix to upgrade the activemq-client library to 5.15.3 was applied on the Apache NiFi 1.6.0 release...

5CVSS8.2AI score0.38191EPSS
Exploits4References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/10/18 12:0 a.m.92 views

Oracle Business Intelligence Publisher Multiple Vulnerabilities (October 2017 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.7.x prior to 11.1.1.7.171017 or 11.1.1.9.x prior to 11.1.1.9.171017. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CV...

9.8CVSS7.5AI score0.38191EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2016/03/22 12:0 a.m.34 views

Debian DSA-3524-1 : activemq - security update

It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-anno uncement.txt. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. T...

9.8CVSS8AI score0.38191EPSS
Exploits4References5
OpenVAS
OpenVAS
added 2016/03/20 12:0 a.m.54 views

Debian Security Advisory DSA 3524-1 (activemq - security update)

It was discovered that the ActiveMQ Java message broker performs unsafe deserialisation. For additional information, please refer to the upstream advisory at http://activemq.apache.org/security-advisories.data/CVE-2015-5254-announcement.txt . OpenVAS Vulnerability Test $Id: deb3524.nasl 6608...

7.5CVSS0.38191EPSS
Exploits4References1
OSV
OSV
added 2016/03/20 12:0 a.m.33 views

DSA-3524-1 activemq - security update

Bulletin has no description...

9.8CVSS7AI score0.38191EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.49 views

Fedora 22 : activemq-5.6.0-14.fc22 (2015-7ca4368b0c)

fix for CVE-2015-5254 rhbz1291292,1291293 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

9.8CVSS8AI score0.38191EPSS
Exploits4References3
Rows per page
Query Builder