BIT-ACTIVEMQ-2020-11998

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...

CVE-2024-26996 usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: Fix UAF ncm object at re-bind after usb ep transport error When ncm function is working and then stop usb0 interface for link down, ethstop is called. At this piont, accidentally if usb transport error should...

GHSA-WQFH-9M4G-7X6X Remote code execution in Apache ActiveMQ

A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack - A remote client could create a...

Remote Code Execution

activemq-broker is vulnerable to remote code execution. A regression that prevents JMX re-bind allows an attacker to execute arbitrary code by passing an empty environment map to MIConnectorServer instead of the map that contains the authentication credentials...