Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Cvelist
Cvelistadded 4 days ago27 views

CVE-2026-42588 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Remote Code Execution via Jolokia addNetworkConnector

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy...

0.00056EPSS
Exploits0References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.5 views

EUVD-2009-2086

Malware in sbrugna...

5CVSS6.4AI score0.00363EPSS
Exploits0References7
SUSE CVE
SUSE CVEadded 2023/02/15 6:3 a.m.1 views

SUSE CVE-2009-2090

Unspecified vulnerability in wsadmin in the System Management/Repository component in IBM WebSphere Application Server WAS 7.0 before 7.0.0.5 allows remote attackers to bypass intended Java Management Extensions JMX Management Beans aka MBeans access restrictions, and cause a denial of service...

5CVSS6.7AI score0.00363EPSS
Exploits0References3
OSV
OSVadded 2018/08/01 2:29 p.m.1 views

CVE-2016-8648

It was found that the Karaf container used by Red Hat JBoss Fuse 6.x, and Red Hat JBoss A-MQ 6.x, deserializes objects passed to MBeans via JMX operations. An attacker could use this flaw to execute remote code on the server as the user running the Java Virtual Machine if the target MBean contain...

7.2CVSS6.1AI score0.00509EPSS
Exploits0References2
CNVD
CNVDadded 2016/09/29 12:0 a.m.2 views

Aternity Remote Code Execution Vulnerability

Aternity webserver is a web server from the American company Aternity. A remote code execution vulnerability exists in Aternity 9 and prior versions of the web server, which stems from the program failing to require authentication for getMBeansFromURL to download Java Mbeans. A remote attacker ca...

9.8CVSS8.6AI score0.00476EPSS
Exploits0References1
RedHat Linux
RedHat Linuxadded 2013/01/24 6:7 p.m.4 views

JBoss invoker servlets do not require authentication

The 1 JMXInvokerHAServlet and 2 EJBInvokerHAServlet invoker servlets in JBoss Enterprise Application Platform EAP before 5.2.0, Web Platform EWP before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 do not require authentication by default in certain profiles, which might allow...

6.8CVSS6.6AI score0.5129EPSS
Exploits1References4
CVE
CVEadded 2009/08/13 6:0 p.m.52 views

CVE-2009-2090

CVE-2009-2090 affects IBM WebSphere Application Server 7.0 (wsadmin, System Management/Repository). The vulnerability allows remote bypass of JMX MBeans access restrictions and can lead to a denial of service (daemon stop) via unknown vectors. Affected: WAS 7.0 before 7.0.0.5. Root cause and exac...

5CVSS6.7AI score0.00363EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder