eclipse
260 tracked vulnerabilities.
CVE-2025-2259
HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-2258
HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-1471
HIGH
Eclipse OMR 0.2.0-0.4.0 - Out-of-bounds Write in z/OS atoe Print Functions
Feb 21, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1470
MEDIUM
Eclipse OMR < 0.4.0 - NULL Pointer Dereference in z/OS atoe Function Handling
Feb 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0728
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-0727
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-0726
HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-1007
MEDIUM
Eclipse OpenVSX 0.9.0-0.19.1 - Improper Authorization in Namespace Details API
Feb 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-9408
CRITICAL
Eclipse GlassFish >= 6.2.5 - Server-Side Request Forgery
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-9343
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-9342
CRITICAL
Eclipse GlassFish <= 7.0.16 - Unauthenticated Login Brute Force
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-10032
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10031
MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting via Configuration File Modification
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10029
MEDIUM
Eclipse GlassFish 7.0.15 - Reflected Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-13009
HIGH
Eclipse Jetty <9.4.56 - Buffer Overflow
May 08, 2025
CVSS 7.2
EPSS 0.01
CVE-2024-10838
CRITICAL
Eclipse Cyclone Data Distribution Service < 0.10.5 - Unauthenticated Integer Underflow via Deserialization
Mar 12, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-10917
LOW
Eclipse OpenJ9 0.8.0-0.47.0 - Integer Overflow in GetStringUTFLength
Nov 11, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-3935
MEDIUM
Eclipse Mosquitto 2.0.0-2.0.18 - Double Free via Crafted PUBLISH Packet in Bridge Connection
Oct 30, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-10525
CRITICAL
Eclipse Mosquitto 1.3.2-2.0.18 - Heap-based Buffer Overflow via Crafted SUBACK Packet
Oct 30, 2024
CVSS 9.8
EPSS 0.18
CVE-2024-8184
MEDIUM
Eclipse Jetty 9.3.12-9.4.55 and 12.0.0-12.0.8 - Unauthenticated Denial of Service via ThreadLimitHandler
Oct 14, 2024
CVSS 5.9
EPSS 0.01
CVE-2024-6763
LOW
Eclipse Jetty 7.0.0-9.4.56 & 12.0.0-12.0.11 - Open Redirect & SSRF via HttpURI Authority
Oct 14, 2024
CVSS 3.7
EPSS 0.01
CVE-2024-6762
LOW
Eclipse Jetty 10.0.0-10.0.17 - Unauthenticated Denial of Service via PushSessionCacheFilter
Oct 14, 2024
CVSS 3.1
EPSS 0.01
CVE-2024-9823
MEDIUM
Eclipse Jetty 9.0.0-9.4.53 and 12.0.0-12.0.2 - Unauthenticated Denial of Service via DosFilter Memory Exhaustion
Oct 14, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-8376
HIGH
Eclipse Mosquitto <2.0.18a - Use After Free
Oct 11, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-9329
MEDIUM
Eclipse Glassfish < 7.0.17 - Open Redirect via Host HTTP Parameter
Sep 30, 2024
CVSS 6.1
EPSS 0.01
Products
jetty 47
mosquitto 26
openj9 21
threadx_netx_duo 20
threadx_usbx 15
glassfish 12
vert.x 10
theia 7
omr 6
threadx 6
kura 5
californium 4
che 4
cyclone_data_distribution_service 4
business_intelligence_and_reporting_tools 3
eclipse_ide 3
jgit 3
memory_analyzer 3
mojarra 3
vert.x-web 3
cyclonedds 2
eclipse_dataspace_components 2
hawkbit 2
hono 2
jersey 2
keti 2
lemminx 2
open_vsx 2
openmq 2
parsson 2
Quick Filters