eclipse

268 tracked vulnerabilities.

CVE-2025-55078 MEDIUM
Eclipse ThreadX < 6.4.3 - Denial of Service via Invalid Memory Pointer
Oct 14, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-5115 HIGH
Eclipse Jetty <=9.4.57, <=10.0.25, <=11.0.25, <=12.0.21, <=12.1.0.alpha2 - Resource Exhaustion via HTTP/2 RST_STREAM
Aug 20, 2025
CVSS 7.5
EPSS 0.02
CVE-2025-7962 HIGH
Jakarta Mail 2.0.2 - Command Injection
Jul 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-6705 MEDIUM
Eclipse Open VSX Registry - Privilege Escalation
Jun 27, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-4949 MEDIUM
Eclipse JGit < 5.13.4 and 7.2.0.202503040940-r-7.2.1.202505142326-r - XXE in ManifestParser and AmazonS3
May 21, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-4447 HIGH
Eclipse OpenJ9 < 0.51.0 - Stack-based Buffer Overflow via Modified Startup File
May 09, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1948 HIGH
Eclipse Jetty 12.0.0-12.0.16 - Denial of Service via HTTP/2 SETTINGS_MAX_HEADER_LIST_SIZE
May 08, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2260 HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via HTTP PUT Request Handling
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2259 HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-2258 HIGH
Eclipse ThreadX NetX Duo < 6.4.3 - Denial of Service via Integer Underflow in HTTP Server
Apr 06, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-1471 HIGH
Eclipse OMR 0.2.0-0.4.0 - Out-of-bounds Write in z/OS atoe Print Functions
Feb 21, 2025
CVSS 7.8
EPSS 0.00
CVE-2025-1470 MEDIUM
Eclipse OMR < 0.4.0 - NULL Pointer Dereference in z/OS atoe Function Handling
Feb 21, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-0728 HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0727 HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-0726 HIGH
Eclipse ThreadX NetX Duo <6.4.2 - DoS
Feb 21, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-1007 MEDIUM
Eclipse OpenVSX 0.9.0-0.19.1 - Improper Authorization in Namespace Details API
Feb 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-9408 CRITICAL
Eclipse GlassFish >= 6.2.5 - Server-Side Request Forgery
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-9343 MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-9342 CRITICAL
Eclipse GlassFish <= 7.0.16 - Unauthenticated Login Brute Force
Jul 16, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-10032 MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10031 MEDIUM
Eclipse GlassFish 7.0.15 - Stored Cross-Site Scripting via Configuration File Modification
Jul 16, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-10029 MEDIUM
Eclipse GlassFish 7.0.15 - Reflected Cross-Site Scripting in Administration Console
Jul 16, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-13009 HIGH
Eclipse Jetty <9.4.56 - Buffer Overflow
May 08, 2025
CVSS 7.2
EPSS 0.00
CVE-2024-10838 CRITICAL
Eclipse Cyclone Data Distribution Service < 0.10.5 - Unauthenticated Integer Underflow via Deserialization
Mar 12, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-10917 LOW
Eclipse OpenJ9 0.8.0-0.47.0 - Integer Overflow in GetStringUTFLength
Nov 11, 2024
CVSS 3.7
EPSS 0.00