Filtered by vendor Redhat Subscriptions
Filtered by product Fuse Mq Enterprise Subscriptions
Total 23 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-6551 2 Apache, Redhat 2 Activemq, Fuse Mq Enterprise 2024-11-21 N/A
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests.
CVE-2012-6092 2 Apache, Redhat 2 Activemq, Fuse Mq Enterprise 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551.
CVE-2011-4461 3 Mortbay, Oracle, Redhat 5 Jetty, Sun Storage Common Array Manager, Fuse Esb Enterprise and 2 more 2024-11-21 N/A
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.