Exploit for Improper Input Validation in Apache Activemq

CVE-2026-34197 ActiveMQ Classic Security Detection Tool This...

CVE-2026-41044

The CVE describes an authenticated RCE/Code Injection in Apache ActiveMQ (Classic) and related brokers via the admin web console. An attacker can craft a malicious broker name (bypassing validation) that embeds an xbean binding, which a VM transport can later load through a DestinationView MBean ...

Apache ActiveMQ 安全漏洞

Apache ActiveMQ Broker is an open source message broker and integration pattern server . A security vulnerability exists in Apache ActiveMQ Broker. The vulnerability stems from the Jolokia JMX-HTTP bridge default policy that allows exec operations on MBeans, which can be exploited by an attacker ...

EUVD-2004-2313

Malware in sbrugna...

EUVD-2007-1154

Malware in sbrugna...

EUVD-2006-4126

Malware in sbrugna...

EUVD-2006-0429

Malware in sbrugna...

CVE-2024-32656

Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media...

GHSA-443J-GRXV-2PGV Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780 Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780 Apache ActiveMQ Artemis: Authenticated users could perform RCE via Jolokia MBeans

Apache ActiveMQ Artemis allows access to diagnostic information and controls through MBeans, which are also exposed through the authenticated Jolokia endpoint. Before version 2.29.0, this also included the Log4J2 MBean. This MBean is not meant for exposure to non-administrative users. This could...

CVE-2023-50780

Apache ActiveMQ Artemis suffers a vulnerability where diagnostic MBeans (including the Log4J2 MBean) are exposed through the Jolokia endpoint, accessible to authenticated users. Before version 2.29.0 this exposure could allow an authenticated attacker to write arbitrary files to the filesystem an...

Apache ActiveMQ Artemis 安全漏洞

Apache ActiveMQ Artemis is a high-performance open source messaging agent from the Apache USA Foundation. A security vulnerability exists in Apache ActiveMQ Artemis versions prior to 2.29.0, which stems from allowing access to diagnostic information and controls via MBean, which allows an attacke...

Privilege Escalation

Ant Media Server is vulnerable to Privilege Escalation. The vulnerability is caused by running Java Management Extensions JMX with authentication disabled on localhost on port 5599. This allows unprivileged users to connect locally and leverage MLet Bean within JMX to load a remote MBean from an...

CVE-2024-32656 Ant Media Server vulnerable to local privilege escalation

Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media...

CVE-2024-32656

CVE-2024-32656 affects Ant Media Server (versions 2.6.0–2.8.2). The issue arises because JMX is enabled and unauthenticated on localhost:5599/TCP, allowing an unprivileged user to exploit the MLet bean to load a remote MBean and execute code in the antmedia process, effectively escalating to root...

SUSE CVE-2013-0422

Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by 1 using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using t...