eclipse

260 tracked vulnerabilities.

CVE-2020-35217 HIGH
Vert.x-Web 4.0.0-milestone1-4.0.0-milestone4 - Cross-Site Request Forgery via Incorrect Token Verification
Jan 20, 2021
CVSS 8.8
EPSS 0.00
CVE-2020-27220 HIGH
Eclipse Hono - Privilege Escalation
Jan 14, 2021
CVSS 8.8
EPSS 0.00
CVE-2020-27219 MEDIUM
Eclipse Hawkbit <0.3.0M7 - Info Disclosure
Jan 14, 2021
CVSS 6.1
EPSS 0.00
CVE-2020-14368 HIGH
Eclipse Che < 7.14.0 - Cross-Site Request Forgery via SameSite Cookie Misconfiguration
Dec 14, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-27218 MEDIUM
Eclipse Jetty 9.4.0-9.4.34 - Sensitive Information Exposure via GZIP Request Body Reuse
Nov 28, 2020
CVSS 4.8
EPSS 0.01
CVE-2020-27217 HIGH
Eclipse Hono 1.3.0 and 1.4.0 - Denial of Service via Oversized AMQP Message
Nov 13, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-27216 HIGH
Eclipse Jetty <9.4.32.v20200930, 10.0.0.alpha1-11.0.0.beta2 - Info ...
Oct 23, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-10689 MEDIUM
Eclipse Che <7.8.x - Privilege Escalation
Apr 03, 2020
CVSS 6.4
EPSS 0.00
CVE-2019-17640 CRITICAL
Eclipse Vert.x 3.4.0-3.9.4 - Path Traversal via StaticHandler on Windows
Oct 15, 2020
CVSS 9.8
EPSS 0.02
CVE-2019-17639 MEDIUM
Eclipse OpenJ9 < 0.21 - Type Confusion via System.arraycopy
Jul 15, 2020
CVSS 5.3
EPSS 0.01
CVE-2019-17637 HIGH
Eclipse Web Tools Platform < 3.18 - XML External Entity Injection via DTD File Processing
Jul 15, 2020
CVSS 7.1
EPSS 0.00
CVE-2019-17638 CRITICAL
Eclipse Jetty <9.4.29 - Use After Free
Jul 09, 2020
CVSS 9.4
EPSS 0.31
CVE-2019-17636 HIGH
Eclipse Theia 0.3.9-0.15.0 - Unauthenticated Arbitrary File Read via Mini-Browser HTTP Endpoint
Mar 10, 2020
CVSS 8.1
EPSS 0.00
CVE-2019-17635 HIGH
Eclipse Memory Analyzer < 1.9.1 - Deserialization of Untrusted Data via Malicious Index File
Jan 17, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-17634 CRITICAL
Eclipse Memory Analyzer < 1.9.1 - Stored Cross-Site Scripting via Malicious Heap Dump HTML Report
Jan 17, 2020
CVSS 9.0
EPSS 0.01
CVE-2019-17633 HIGH
Eclipse Che 6.16.0-7.3.0 - Unauthenticated Workspace Creation via CSRF
Dec 19, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-17632 MEDIUM
Eclipse Jetty 9.4.21.v20190926-9.4.23.v20191118 - Cross-Site Scripting in Default Error Response
Nov 25, 2019
CVSS 6.1
EPSS 0.01
CVE-2019-18213 HIGH
XML Language Server < 0.9.1 - XML External Entity Injection via Crafted XML Document
Oct 23, 2019
CVSS 8.8
EPSS 0.01
CVE-2019-18212 MEDIUM
XML Language Server < 0.9.1 - Path Traversal and Arbitrary File Write
Oct 23, 2019
CVSS 6.5
EPSS 0.01
CVE-2019-17631 CRITICAL
Eclipse OpenJ9 0.15.0-0.16.0 - Unauthenticated Improper Privilege Management
Oct 17, 2019
CVSS 9.1
EPSS 0.00
CVE-2019-17091 MEDIUM
Eclipse Mojarra 2.3.0-2.3.9 - Reflected Cross-Site Scripting in PartialViewContextImpl
Oct 02, 2019
CVSS 6.1
EPSS 0.06
CVE-2019-11779 MEDIUM
Eclipse Mosquitto <1.7 - Buffer Overflow
Sep 19, 2019
CVSS 6.5
EPSS 0.06
CVE-2019-11778 MEDIUM
Eclipse Mosquitto <1.6.5 - Use After Free
Sep 18, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-11774 HIGH
Eclipse OMR < 0.1 - Time-of-check Time-of-use Race Condition
Sep 12, 2019
CVSS 7.4
EPSS 0.00
CVE-2019-11773 HIGH
Eclipse OMR <0.1 - Code Injection/Privilege Escalation
Sep 12, 2019
CVSS 7.8
EPSS 0.00
Products
jetty 47 mosquitto 26 openj9 21 threadx_netx_duo 20 threadx_usbx 15 glassfish 12 vert.x 10 theia 7 omr 6 threadx 6 kura 5 californium 4 che 4 cyclone_data_distribution_service 4 business_intelligence_and_reporting_tools 3 eclipse_ide 3 jgit 3 memory_analyzer 3 mojarra 3 vert.x-web 3 cyclonedds 2 eclipse_dataspace_components 2 hawkbit 2 hono 2 jersey 2 keti 2 lemminx 2 open_vsx 2 openmq 2 parsson 2
Quick Filters
Critical CVEs With Exploits In CISA KEV