2757 matches found
MINI-CJPC-V4M4-MQ8V
Bulletin has no description...
CVE-2026-53917
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ Client, Apache ActiveMQ Broker. An authenticated user can cause a broker DoS by sending a crafted OpenWire Message with a large encoded size value for the map. OpenWire message...
UBUNTU-CVE-2026-50734
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...
CVE-2026-50734
Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ Client, Apache ActiveMQ, Apache ActiveMQ All. An unauthenticated network attacker can cause a broker DoS by sending a crafted WireFormatInfo frame with a malicious large size value. The value is not validate and causes t...
PT-2026-53838
Name of the Vulnerable Software and Affected Versions Apache ActiveMQ versions prior to 5.19.8 Apache ActiveMQ versions 6.0.0 through 6.2.6 Apache ActiveMQ All versions prior to 5.19.8 Apache ActiveMQ All versions 6.0.0 through 6.2.6 Apache ActiveMQ Stomp versions prior to 5.19.8 Apache ActiveMQ...
IBM MQ 9.2 < 9.2.0.43 LTS / 9.3 < 10.0.0.0 CD / 9.3 < 9.3.0.41 LTS / 9.4 < 9.4.0.25 LTS (7277719)
The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7277719 advisory. - follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request...
Security Bulletin: Multiple vulnerabilities in IBM MQ Agent images
Summary Multiple vulnerabilities were addressed in IBM MQ Agent images Vulnerability Details CVEID:CVE-2026-45134 DESCRIPTION: LangSmith Client SDKs provide SDK's for interacting with the LangSmith platform. Prior to LangSmith SDK Python 0.8.0 and JS/TS 0.6.0, the LangSmith SDK's prompt pull...
Security Bulletin: IBM MQ Appliance appliance is affected by multiple Java vulnerabilities
Summary IBM MQ Appliance has addressed multiple Java vulnerabilities. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability...
Security Bulletin: IBM MQ Appliance is affected by an information exposure vulnerability (CVE-2026-40895)
Summary IBM MQ Appliance has addressed an information exposure vulnerability. Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0, when an HTTP reque...
Security Bulletin: IBM MQ is affected by multiple Java vulnerabilities (CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007)
Summary Multiple issues were identified with the IBM Runtime Environment, Java Technology Edition which is shipped with IBM MQ Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to...
Security Bulletin: IBM MQ Console is affected by an exposure of sensitive information (CVE-2026-40895)
Summary IBM MQ console could allow a user to access sensitive information Vulnerability Details CVEID:CVE-2026-40895 DESCRIPTION: follow-redirects is an open source, drop-in replacement for Node's http and https modules that automatically follows redirects. Prior to 1.16.0, when an HTTP request...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: The separate reset and clock enable bits are removed for the 8MQ VPU. For the i.MX8MQ platform, the ADB in the VPUMIX domain does not have separate reset and clock enable bits. Instead, both are enabled...
CVE-2026-49121
A flaw was found in AI Tensor Engine for ROCm AITER. This vulnerability allows unauthenticated remote attackers to execute arbitrary code by sending a specially crafted data package, known as a pickle payload, to a ZeroMQ ZMQ subscriber socket. This exploitation is possible due to a lack of...
Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images
Summary Multiple vulnerabilities were addressed in IBM MQ Operator and Queue manager container images Vulnerability Details CVEID:CVE-2026-27142 DESCRIPTION: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an...
Security Bulletin: IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent
Summary IBM Tivoli Monitoring is included with IBM Tivoli Composite Application Manager for Applications WebSphere MQ Monitoring Agent Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocol...
Security Bulletin: IBM MQ Appliance is affected by multiple open source vulnerabilities (CVE-2026-23193, CVE-2026-23231, CVE-2026-3497)
Summary IBM MQ Appliance has addressed multiple open source vulnerabilities. Vulnerability Details CVEID:CVE-2026-3497 DESCRIPTION: Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions...
CVE-2026-42253
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...
CVE-2026-44393
An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When sslcafile is configured, the driver enables certificate chain validation but does not pass the expect...
CVE-2026-49121
AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...
CVE-2026-49121 AI Tensor Engine for ROCm (AITER) 0.1.14 Unauthenticated RCE via MessageQueue.recv() Pickle Deserialization
AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...