CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
A missing authorization vulnerability was found in Apache ActiveMQ for temporary destinations. Temporary destinations are expected to be isolated to the connection that created them, but the isolation is only checked on the client side, allowing a different connection to consume from another connection's temporary destination.
A vulnerability in Apache ActiveMQ allows an authenticated user to cause a DoS attack on the broker by sending a crafted OpenWire message with an excessive map size value. The lack of size validation during deserialization of message property maps can trigger OOM and crash the broker.
A vulnerability in Apache ActiveMQ allows an unauthenticated client to send non-terminating header bytes via STOMP NIO, causing unlimited buffering and JVM heap exhaustion.
A Cross-site Scripting (XSS) vulnerability was found in Apache ActiveMQ and its Web Console. The browse page renders a message ID without sanitization, allowing an authenticated producer to send a crafted JMS message ID containing HTML/JavaScript. When an administrator browses the queue, the payload executes in their browser.
A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to cause Out of Memory (OOM) by sending repeated BrokerInfo commands without ConnectionInfo, leading to broker crash.
A vulnerability in Apache ActiveMQ allows an unauthenticated attacker to remotely cause a Denial of Service (DoS) of the broker by sending a crafted WireFormatInfo frame with a maliciously large size value. The lack of validation leads to memory allocation attempts during pre-auth negotiation, potentially causing an Out-of-Memory (OOM) condition and broker crash.
An improper authorization vulnerability was found in Apache ActiveMQ. By default, an authenticated low-privilege Web Console user can access /admin/* paths, which should be restricted to admins. The issue is caused by incorrect default Jetty settings.
An improper input validation vulnerability in Apache ActiveMQ allows an attacker with LDAP access to instantiate denied transports within the broker JVM. This can be exploited to fetch a malicious URL and spawn a second BrokerService in the same JVM.
An improper input validation vulnerability exists in Apache ActiveMQ's STOMP protocol. A remote unauthenticated attacker can send a negative content-length header, causing denial-of-service (DoS). For NIO STOMP transport, this leads to out-of-memory (OOM), while for blocking STOMP it causes connection errors and closure.
A flaw has been found in Foreman where HTTP parameters can be modified in http_proxies_controller and http_proxy files. Attackers can perform an SSRF attack and steal cloud metadata service on AWS, GCP, or Azure environments.
The EventON plugin for WordPress up to version 5.0.11 is vulnerable to SQL injection via the 'search' parameter. Insufficient escaping and lack of query preparation allow unauthenticated attackers to append additional SQL queries, enabling extraction of sensitive database information if the 'Enable additional search queries' setting is enabled and at least one published event exists.
The Ajax Load More - Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'taxonomy_include_children' parameter in all versions up to and including 3.4.1 due to insufficient input sanitization and output escaping.
Cross-Site Scripting (XSS) vulnerability in Intermark IT's WebControl CMS v3.5. An attacker can execute JavaScript code or inject a dynamic iframe into the victim's browser by sending a malicious URL via the 'urlDestino' parameter in '/portal.do'.
An HTML injection vulnerability has been discovered in Intermark IT's WebControl CMS v3.5. An attacker can send an email containing malicious HTML code to a victim via the contact form. Exploitation requires sending a request with the 'nombreApellidos', 'dirección', and 'comentarios' parameters to '/processContact.do'.
A vulnerability in the brace-expansion library up to version 5.0.6 allows a DoS attack by sending a specially crafted string. The expand() function has exponential time complexity when processing many consecutive non-expanding '{}' brace groups, causing high CPU consumption and event-loop blocking. The max option does not mitigate this because it limits output size, not recursion work.
A use-after-free vulnerability was found in the SSSD (System Security Services Daemon) PAM component responsible for YubiKey authentication. The flaw is caused by improper memory pointer handling, which can lead to a crash. A local attacker could exploit this by manipulating smartcard or YubiKey contents.
Raytha CMS is vulnerable to SQL Injection in the OData filter parsing pipeline. This allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction.
The vulnerability in PROMOD V is due to the use of insecure HTTP instead of HTTPS. The issue originates from the Digipede server lacking HTTPS support.
A vulnerability in Nokia MantaRay NM allows a local attacker with local admin privileges to escalate to full root privileges on the host. Successful exploitation results in root-level filesystem access and the ability to execute actions as root.
Nokia MantaRay is affected by an Improper Access Control vulnerability due to insufficient authorization in the API. An authenticated attacker can retrieve confidential information beyond their assigned privileges.

