Filter
AND
Software
eclipse jetty
20
eclipse mosquitto
10
eclipse openj9
5
eclipse eclipse ide
3
eclipse theia
3
eclipse glassfish
2
eclipse kura
2
eclipse lemminx
2
eclipse mojarra
2
eclipse vert.x
2
eclipse birt
1
eclipse business intelligence and reporting tools
1
eclipse che
1
eclipse deeplearning4j
1
eclipse hawkbit
1
eclipse jersey
1
eclipse lyo
1
eclipse org.eclipse.core.runtime
1
eclipse pde
1
eclipse sphinx
1
eclipse vert.x stomp
1
eclipse vert.x-web
1
eclipse wild web developer
1
maven/org.eclipse.jetty:jetty-serverJetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
6.5
EPSS
0.04%
First published (updated )
maven/org.eclipse.jetty:jetty-servletsJetty PushSessionCacheFilter can cause remote DoS attacks
6.5
First published (updated )
maven/org.eclipse.jetty:jetty-httpJetty URI parsing of invalid authority
5.3
First published (updated )
maven/org.glassfish.main.admin:rest-serviceGlassfish redirect to untrusted site
6.9
EPSS
0.04%
First published (updated )
maven/org.glassfish.main.web:web-coreEclipse Glassfish: URL redirection vulnerability to untrusted sites
6.1
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse Openj9Eclipse OpenJ9 possible infinite busy hang
5.9
EPSS
0.04%
First published (updated )
maven/org.eclipse.jdt:org.eclipse.jdt.uiXXE in eclipse.platform / Eclipse IDE
First published (updated )
Eclipse JettyJetty's OpenId Revoked authentication allows one request
4.3
First published (updated )
Eclipse JettyJetty accepts "+" prefixed value in Content-Length
5.3
First published (updated )
Eclipse JettyJetty vulnerable to errant command quoting in CGI Servlet
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
debian/mosquittoIn Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that ar…
5.8
First published (updated )
Eclipse Vert.x StompVert.x STOMP server process client frames that would not send initially a connect frame
6.5
First published (updated )
maven/org.eclipse.jetty:jetty-serverEclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServl…
5.3
First published (updated )
IBM Cloud Pak for Business AutomationDisclosure of classpath resources on Windows when mounted on a wildcard route in vertx-web
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse Deeplearning4jSome Deeplearning4J packages use unclaimed s3 bucket in tests and examples
5.3
First published (updated )
IBM Cloud Pak for Business AutomationInput Validation
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Oracle Java SEIn Eclipse Openj9 before version 0.32.0, Java 8 & 11 fail to throw the exception captured during byt…
5.3
First published (updated )
Eclipse TheiaIn versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents ca…
6.1
First published (updated )
Fedoraproject FedoraIn Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability …
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Eclipse MosquittoIn Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT …
6.5
First published (updated )
IBM Cognos AnalyticsEclipse Openj9 could allow a remote attacker to bypass security restrictions, caused by a flaw in th…
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.