eclipse
268 tracked vulnerabilities.
CVE-2025-55078
MEDIUM
Eclipse ThreadX < 6.4.3 - Denial of Service via Invalid Memory Pointer
Oct 14, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-5115
HIGH
Eclipse Jetty <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2 - Resource Exhaustion via HTTP/2 RST_STREAM
Aug 20, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-7962
HIGH
Jakarta Mail 2.0.2 - Command Injection
Jul 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-6705
MEDIUM
Eclipse Open VSX Registry - Privilege Escalation
Jun 27, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-4949
MEDIUM
Eclipse JGit < 5.13.4 and 7.2.0.202503040940-r-7.2.1.202505142326-r - XXE in ManifestParser and AmazonS3
May 21, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-4447
HIGH
Eclipse OpenJ9 < 0.51.0 - Stack-based Buffer Overflow via Modified Startup File
May 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1948
HIGH
Eclipse Jetty 12.0.0-12.0.16 - Denial of Service via HTTP/2 SETTINGS_MAX_HEADER_LIST_SIZE
May 08, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2260
HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via HTTP PUT Request Handling
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2259
HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2258
HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-1471
HIGH
Eclipse OMR 0.2.0-0.4.0 - Out-of-bounds Write in z/OS atoe Print Functions
Feb 21, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1470
MEDIUM
Eclipse OMR < 0.4.0 - NULL Pointer Dereference in z/OS atoe Function Handling
Feb 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0728
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0727
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0726
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-1007
MEDIUM
Eclipse OpenVSX 0.9.0-0.19.1 - Improper Authorization in Namespace Details API
Feb 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-9408
CRITICAL
Eclipse GlassFish >= 6.2.5 - Server-Side Request Forgery
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-9343
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-9342
CRITICAL
Eclipse GlassFish <= 7.0.16 - Unauthenticated Login Brute Force
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-10032
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10031
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting via Configuration File Modification
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10029
MEDIUM
Eclipse GlassFish 7.0.15 - Reflected Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-13009
HIGH
Eclipse Jetty <9.4.56 - Buffer Overflow
May 08, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-10838
CRITICAL
Eclipse Cyclone Data Distribution Service < 0.10.5 - Unauthenticated Integer Underflow via Deserialization
Mar 12, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-10917
LOW
Eclipse OpenJ9 0.8.0-0.47.0 - Integer Overflow in GetStringUTFLength
Nov 11, 2024
CVSS 3.7
EPSS 0.00
Products
jetty 47
mosquitto 26
openj9 21
threadx_netx_duo 21
threadx_usbx 15
glassfish 12
theia 11
vert.x 10
omr 6
threadx 6
kura 5
californium 4
che 4
cyclone_data_distribution_service 4
open_vsx 4
business_intelligence_and_reporting_tools 3
eclipse_ide 3
jgit 3
memory_analyzer 3
mojarra 3
vert.x-web 3
cyclonedds 2
eclipse_dataspace_components 2
hawkbit 2
hono 2
jersey 2
keti 2
lemminx 2
openmq 2
parsson 2
Quick Filters