org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (=1.3.0) +2 more potentially affected by CVE-2026-49157 via org.apache.activemq:apache-activemq (=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.activemq:apache-activemq and may be impacted: - org.apache.axis2:axis2-integration =1.4 - org.apache.camel:camel-example-cxf =1.3.0 -...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-41044 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-41044 Source advisory: OSV:GHSA-MR6M-XJ7V-3CV3...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-41043 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-41043 Source advisory: OSV:GHSA-2JP3-2923-9H52...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2026-39304 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7FX...

[SECURITY] Fedora 42 Update: qt5-qtxmlpatterns-5.15.18-1.fc42

The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...

EUVD-2008-3840

Malware in sbrugna...

BIT-NIFI-2022-29265 Improper Restriction of XML External Entity References in Multiple Components

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML...

O2OA 安全漏洞

O2OA is an enterprise application development platform from O2OA Open Source. A security vulnerability exists in O2OA 10.0-410 and earlier versions, which originates from a cross-site scripting due to incorrect manipulation of the parameters description/applicationName/queryName in the file...

The vulnerability of Websoft HCM’s automation software for HR processes stems from insufficient validation of input data, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to insufficient verification of entered data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a specially crafted XQuery quer...

[SECURITY] Fedora 40 Update: qt5-qtxmlpatterns-5.15.14-1.fc40

The Qt XML Patterns module provides support for XPath, XQuery, XSLT, and XML Schema validation...

PT-2024-41448 · Ооо "Вебсофт Девелопмент" · Websoft Hcm

Уязвимость программного обеспечения автоматизации HR-процессов Websoft HCM связана с недостаточной проверкой вводимых данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, получить несанкционированный доступ к защищаемой информации путём отправки специально...

[SECURITY] Fedora 40 Update: kawa-3.1.1-19.fc40

Kawa is an implementation of the Scheme programming language. It is implemented in Java, and compiles Scheme into Java byte-codes. It also includes an XQuery implementation, accessible via the qexo script...

org.apache.axis2:axis2-integration (=1.4), org.apache.camel:camel-example-cxf (>=1.2.0 <=1.3.0) +3 more potentially affected by CVE-2022-41678 via org.apache.activemq:apache-activemq (>=4.1.1 <=5.0.0)

org.apache.activemq:apache-activemq MAVEN version =4.1.1, =1.2.0, =1.1.0, =1.3.0 - org.apache.camel:camel-example-spring =1.2.0 - org.apache.camel:camel-example-spring-xquery =1.3.0 Source cves: CVE-2022-41678 Source advisory: OSV:GHSA-53V4-42FG-G287...

The vulnerability of Websoft HCM’s automation software for HR processes lies in the lack of procedures for neutralizing special elements in output data, which allows attackers to carry out attacks aimed at altering the query logic in the XQuery language against the database.

The vulnerability of Websoft HCM’s automation software for HR processes is related to deficiencies in the process of eliminating special elements from output data. Exploiting this vulnerability allows a malicious actor to remotely carry out an attack aimed at altering the query logic in the XQuer...

GitHub Security Lab: Java: CWE-652 Improper Neutralization of Data within XQuery Expressions ('XQuery Injection')

This bug was reported directly to GitHub Security Lab...

Intramaps <= 7.0.128 Rev 318 Multiple Vulnerabilities - Active Check

Intramaps is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mac OS X Security Update 2007-009

The remote host is missing Security Update 2007-009. One or more of the following components are affected: Address Book CFNetwork ColorSync Core Foundation CUPS Desktop Services Flash Player Plug-in GNU Tar iChat IO Storage Family Launch Services Mail perl python Quick Look ruby Safari Safari RSS...

Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003

The remote host is missing Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003. One or more of the following components are affected: bzip2 CFNetwork ColorSync CoreTypes Dock Image RAW ImageIO Kernel launchd Login Window MobileMe Networking XQuery OpenVAS Vulnerability Test Mac OS X 10.5.8...

Mac OS X Security Update 2007-009

The remote host is missing Security Update 2007-009. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Mac OS X 10.5.x < 10.5.8 Multiple Vulnerabilities

The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.8. Mac OS X 10.5.8 contains security fixes for the following products : - bzip2 - CFNetwork - ColorSync - CoreTypes - Dock - Image RAW - ImageIO - Kernel - launchd - Login Window - MobileMe - Networking - XQuery C Tenab...