98 matches found
CVE-2023-54344
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...
Linux Distros Unpatched Vulnerability : CVE-2023-54342
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to...
EUVD-2023-60563
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...
CVE-2023-54344
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...
CVE-2023-54344 Eclipse Equinox OSGi 3.7.2 Remote Code Execution via Console
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...
CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...
CVE-2023-54344
Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...
Eclipse Equinox OSGi 访问控制错误漏洞
Eclipse Equinox OSGi is a modular runtime framework developed by the Eclipse Foundation. Versions 3.8 to 3.18 of Eclipse Equinox OSGi contain access control vulnerability issues. This vulnerability stems from a remote code execution flaw in the console interface, allowing unauthenticated attacker...
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.3), org.apache.activemq:activemq-web-console (>=6.0.0 <=6.2.3) +2 more potentially affected by CVE-2026-41043 via org.apache.activemq:activemq-web (>=6.0.0 <=6.2.3)
org.apache.activemq:activemq-web MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2026-41043 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-16323116...
com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.3) +5 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.3)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.3 Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7FX...
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.1), org.apache.activemq:activemq-web-console (>=6.0.0 <=6.2.1) +2 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-web (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-web MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 Source cves: CVE-2026-33227 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15930950...
org.apache.activemq:activemq-http (>=6.0.0 <=6.2.1), org.apache.activemq:activemq-karaf (>=6.0.0 <=6.2.1) +4 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-mqtt (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-mqtt MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 Source cves: CVE-2026-33227 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15930952...
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.1), org.apache.activemq:activemq-unit-tests (>=6.0.0 <=6.2.1) +4 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-stomp (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-stomp MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 - org.fcrepo:fcrepo-jms =7.0.0-RC1 - org.fcrepo:fcrepo-webapp =7.0.0-RC1 Source cves: CVE-2026-33227 Source advisory: SNYK:JAVA-ORGAPACHEACTIVEMQ-15930951...
com.espertech:esperio-springjms (=9.0.0), org.apache.activemq.tooling:activemq-maven-plugin (>=6.0.0 <=6.2.1) +5 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-all (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-all MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 Source cves: CVE-2026-33227 Source advisory: OSV:GHSA-H2H4-5M64-M273...
org.apache.activemq:activemq-osgi (>=6.0.0 <=6.2.1), org.apache.activemq:activemq-web-console (>=6.0.0 <=6.2.1) +2 more potentially affected by CVE-2026-33227 via org.apache.activemq:activemq-web (>=6.0.0 <=6.2.1)
org.apache.activemq:activemq-web MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.2.1 Source cves: CVE-2026-33227 Source advisory: OSV:GHSA-H2H4-5M64-M273...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33939 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33939 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807043...
org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +6 more potentially affected by CVE-2026-33938 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)
org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33938 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803083...
EUVD-2018-1200
Malware in sbrugna...
EUVD-2021-0734
Malware in sbrugna...
The vulnerability in the Web Console management console for OSGi frameworks like Apache Felix allows a attacker to execute cross-site scripting attacks.
The vulnerability of the Web Console Management for OSGi frameworks like Apache Felix is related to the lack of protective measures for the structure of web pages. Exploiting this vulnerability allows a malicious actor to carry out a cross-site scripting attack remotely...