Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eclipse vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2022-36022
Deeplearning4J is a suite of tools for deploying and training deep learning models using the JVM. Packages org.deeplearning4j:dl4j-examples and org.deeplearning4j:platform-tests through version 1.0.0-M2.1 may use some unclaimed S3 buckets in tests in examples. This is likely affe...
Eclipse Deeplearning4j
Eclipse Deeplearning4j 1.0.0
5.3
CVSSv3
CVE-2019-17639
In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefine...
Eclipse Openj9 0.21.0
Eclipse Openj9
8.8
CVSSv3
CVE-2020-27220
The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command targe...
Eclipse Hono 1.5.0
Eclipse Hono
7.5
CVSSv3
CVE-2020-27217
In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment...
Eclipse Hono 1.4.0
Eclipse Hono 1.3.0
6.1
CVSSv3
CVE-2021-28161
In Eclipse Theia versions up to and including 1.8.0, in the debug console there is no HTML escaping, so arbitrary Javascript code can be injected.
Eclipse Theia
7.8
CVSSv3
CVE-2019-11771
AIX builds of Eclipse OpenJ9 prior to 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
Eclipse Openj9
7.4
CVSSv3
CVE-2019-11774
before 0.1, all builds of Eclipse OMR contain a bug where the loop versioner may fail to privatize a value that is pulled out of the loop by versioning - for example if there is a condition that is moved out of the loop that reads a field we may not privatize the value of that fi...
Eclipse Omr
8.1
CVSSv3
CVE-2021-41034
The build of some language stacks of Eclipse Che version 6 includes pulling some binaries from an unsecured HTTP endpoint. As a consequence the builds of such stacks are vulnerable to MITM attacks that allow the replacement of the original binaries with arbitrary ones. The stacks...
Eclipse Che
6.1
CVSSv3
CVE-2021-41038
In versions of the @theia/plugin-ext component of Eclipse Theia before 1.18.0, Webview contents can be hijacked via postMessage().
Eclipse Theia
NA
CVE-2009-4521
Cross-site scripting (XSS) vulnerability in birt-viewer/run in Eclipse Business Intelligence and Reporting Tools (BIRT) prior to 2.5.0, as used in KonaKart and other products, allows remote malicious users to inject arbitrary web script or HTML via the __report parameter.
Eclipse Birt
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »