Filtered by vendor Redhat
Subscriptions
Filtered by product Fuse Mq Enterprise
Subscriptions
Total
23 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-6551 | 2 Apache, Redhat | 2 Activemq, Fuse Mq Enterprise | 2024-11-21 | N/A |
The default configuration of Apache ActiveMQ before 5.8.0 enables a sample web application, which allows remote attackers to cause a denial of service (broker resource consumption) via HTTP requests. | ||||
CVE-2012-6092 | 2 Apache, Redhat | 2 Activemq, Fuse Mq Enterprise | 2024-11-21 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the web demos in Apache ActiveMQ before 5.8.0 allow remote attackers to inject arbitrary web script or HTML via (1) the refresh parameter to PortfolioPublishServlet.java (aka demo/portfolioPublish or Market Data Publisher), or vectors involving (2) debug logs or (3) subscribe messages in webapp/websocket/chat.js. NOTE: AMQ-4124 is covered by CVE-2012-6551. | ||||
CVE-2011-4461 | 3 Mortbay, Oracle, Redhat | 5 Jetty, Sun Storage Common Array Manager, Fuse Esb Enterprise and 2 more | 2024-11-21 | N/A |
Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. |