Filters

maven/org.eclipse.edc:transfer-data-planeEclipse EDC: Consumer pull transfer token validation checks not applied

8.1
EPSS
0.06%
First published (updated )

maven/io.vertx:vertx-grpc-clientEclipse Vert.x gRPC server does not limit the maximum message size

7.5
EPSS
0.04%
First published (updated )

Eclipse Memory AnalyzerXEE

7.1
EPSS
0.05%
First published (updated )

Eclipse ParssonParsson DoS when parsing numbers from untrusted sources

7.5
First published (updated )

Eclipse MosquittoUnconditionally adding an event to the epoll causes excessive CPU consumption

7.5
EPSS
0.04%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/org.eclipse.jetty.http2:http2-hpackHTTP/2 HPACK integer overflow and buffer allocation

7.5
First published (updated )

Apache Tomcat- Rapid Reset HTTP/2 vulnerability

First published (updated )

Eclipse MosquittoIn Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will me…

7.5
First published (updated )

Eclipse JGitImproper handling of case insensitive filesystems in Eclipse JGit allows arbitrary file write

8.8
First published (updated )

Eclipse MosquittoThe broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse Business Intelligence And Reporting ToolsInput Validation

8.8
First published (updated )

Eclipse GlassFishPath Traversal

7.5
First published (updated )

Eclipse CaliforniumCalifornium Failing DTLS handshakes causes Data Loss due to throttling blocking processing of records

8.2
First published (updated )

Eclipse MiloDenial of Service (DoS)

7.5
First published (updated )

Eclipse CaliforniumIn Eclipse Californium version 2.0.0 to 2.7.2 and 3.0.0-3.5.0 a DTLS resumption handshake falls back…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

maven/org.eclipse.jetty.http2:http2-serverA flaw was found in the Eclipse Jetty http2-server package. This flaw allows an attacker to cause a …

7.5
First published (updated )

Eclipse JettyA flaw was found in the Jetty-server package. This flaw allows an attacker to send invalid requests,…

7.5
First published (updated )

Eclipse WakaamaIn Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not proper…

7.5
First published (updated )

Eclipse MosquittoIn versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of …

7.5
First published (updated )

Eclipse CheThe build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an un…

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse EquinoxIn all released versions of Eclipse Equinox, at least until version 4.21 (September 2021), installat…

8.1
First published (updated )

Eclipse TheiaIn Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in…

8.8
First published (updated )

Eclipse Cyclone Data Distribution ServiceBuffer Overflow

7.5
First published (updated )

Eclipse Cyclone Data Distribution ServiceBuffer Overflow

7.5
First published (updated )

Eclipse CaliforniumIn Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse MosquittoInput Validation

7.5
First published (updated )

Eclipse TinyDTLSWeak Encryption, Weak RNG

7.5
First published (updated )

maven/org.eclipse.jetty:jetty-serverIn Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage ca…

7.8
First published (updated )

redhat/eap7-apache-commons-ioInput Validation

7.5
First published (updated )

CVE-2020-27225In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate activ…

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse JettyEclipse Jetty is vulnerable to a denial of service, caused by an error when handling a request conta…

7.5
First published (updated )

Eclipse CaliforniumA flaw was found in californium. The certificate based (x509 and RPK) DTLS handshakes fails due to t…

7.5
First published (updated )

Eclipse Vert.x-WebCSRF

8.8
First published (updated )

Eclipse HonoIn Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP m…

7.5
First published (updated )

Eclipse JettyRace Condition

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse Web Tools PlatformXEE

7.1
First published (updated )

redhat/che-theiaCSRF

7.1
First published (updated )

Eclipse TheiaIn Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is …

8.1
First published (updated )

Eclipse Memory AnalyzerEclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if a…

7.8
First published (updated )

Eclipse CheCSRF

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Eclipse JettyInfoleak

7.5
First published (updated )

Xml Language Server Project Xml Server ProjectXEE, SSRF

8.8
First published (updated )

Eclipse OMRCode Injection

7.8
First published (updated )

Eclipse OMRPrior to 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize…

7.4
First published (updated )

redhat/Eclipse Paho Java Client versionIn the Eclipse Paho Java client library version 1.2.0, when connecting to an MQTT server using TLS a…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Redhat Enterprise Linux DesktopAll builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loop versioner may fail to privat…

7.4
First published (updated )

Eclipse Openj9Code Injection

7.8
First published (updated )

Eclipse BuildshipIn Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is resolvin…

8.1
First published (updated )

Eclipse XtendAll Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and …

8.1
First published (updated )

Eclipse VortoEclipse Vorto versions prior to 0.11 resolved Maven build artifacts for the Xtext project over HTTP …

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203