eclipse

260 tracked vulnerabilities.

CVE-2018-20145 HIGH
Eclipse Mosquitto <1.5.5 - Auth Bypass
Dec 13, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-12543 HIGH
Eclipse Mosquitto 1.5.0-1.5.2 - Denial of Service via Invalid Topic String
Nov 15, 2018
CVSS 7.5
EPSS 0.03
CVE-2018-12544 CRITICAL
Eclipse Vert.x 3.5.Beta1-3.5.3 - XML External Entity Injection via OpenAPI XML Type Validator
Oct 10, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-12542 CRITICAL
Eclipse Vert.x <3.5.3 - Path Traversal
Oct 10, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-12541 MEDIUM
Eclipse Vert.x <3.5.3 - Memory Corruption
Oct 10, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-1000644 CRITICAL
Eclipse RDF4j < 2.4.0 - XML External Entity Injection in RDF XML Parser
Aug 20, 2018
CVSS 10.0
EPSS 0.00
CVE-2018-12539 HIGH
Eclipse OpenJ9 0.8 - Privilege Escalation
Aug 14, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-12537 MEDIUM
Eclipse Vert.x <3.5.1 - Code Injection
Aug 14, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-14371 HIGH
Eclipse Mojarra <2.3.7 - Path Traversal
Jul 18, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-12540 HIGH
Eclipse Vert.x 3.0.0-3.5.2 - Cross-Site Request Forgery via XSRF Token Replay
Jul 12, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-12536 MEDIUM
Eclipse Jetty Server 9.x - Info Disclosure
Jun 27, 2018
CVSS 5.3
EPSS 0.04
CVE-2018-12538 HIGH
Eclipse Jetty <9.4.8 - Privilege Escalation
Jun 22, 2018
CVSS 8.8
EPSS 0.01
CVE-2017-7655 HIGH
Eclipse Mosquitto <1.4.15 - Info Disclosure
Mar 27, 2019
CVSS 7.5
EPSS 0.01
CVE-2017-7658 CRITICAL
Eclipse Jetty Server <9.2.x-9.4.x - Info Disclosure
Jun 26, 2018
CVSS 9.8
EPSS 0.09
CVE-2017-7657 CRITICAL
Eclipse Jetty <9.2.x, 9.3.x - Buffer Overflow
Jun 26, 2018
CVSS 9.8
EPSS 0.07
CVE-2017-7656 HIGH
Eclipse Jetty <9.2 - HTTP/0.9 Handling
Jun 26, 2018
CVSS 7.5
EPSS 0.08
CVE-2017-7654 HIGH
Eclipse Mosquitto < 1.4.15 - Unauthenticated Memory Leak via Crafted CONNECT Packets
Jun 05, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-7653 MEDIUM
Eclipse Mosquitto < 1.4.15 - Denial of Service via Invalid UTF-8 Topic String
Jun 05, 2018
CVSS 5.3
EPSS 0.01
CVE-2017-7652 HIGH
Eclipse Mosquitto 1.0-1.4.14 - Denial of Service via Configuration Reload
Apr 25, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-7651 HIGH
Eclipse Mosquitto < 1.4.14 - Unauthenticated Denial of Service via MQTT Connection Flood
Apr 24, 2018
CVSS 7.5
EPSS 0.23
CVE-2017-8315 HIGH
Eclipse IDE <= 2017.2.5 - XML External Entity Injection via AndroidManifest.xml
Apr 20, 2018
CVSS 7.5
EPSS 0.01
CVE-2017-7650 MEDIUM
Mosquitto < 1.4.12 - Improper Authentication via Username/Client ID Bypass
Sep 11, 2017
CVSS 6.5
EPSS 0.01
CVE-2017-7649 CRITICAL
Eclipse Kura < 2.1.0 - Unauthenticated Remote Command Execution via Equinox Console
Sep 11, 2017
CVSS 9.8
EPSS 0.00
CVE-2017-9868 MEDIUM
Mosquitto <1.4.12 - Info Disclosure
Jun 25, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-9735 HIGH
Jetty < 9.2.22 and 9.4.0-9.4.6.v20170531 - Timing Attack via Password Validation
Jun 16, 2017
CVSS 7.5
EPSS 0.01
Products
jetty 47 mosquitto 26 openj9 21 threadx_netx_duo 20 threadx_usbx 15 glassfish 12 vert.x 10 theia 7 omr 6 threadx 6 kura 5 californium 4 che 4 cyclone_data_distribution_service 4 business_intelligence_and_reporting_tools 3 eclipse_ide 3 jgit 3 memory_analyzer 3 mojarra 3 vert.x-web 3 cyclonedds 2 eclipse_dataspace_components 2 hawkbit 2 hono 2 jersey 2 keti 2 lemminx 2 open_vsx 2 openmq 2 parsson 2
Quick Filters
Critical CVEs With Exploits In CISA KEV