Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eclipse vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-2191
In Eclipse Jetty versions 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, SslConnection does not release ByteBuffers from configured ByteBufferPool in case of error code paths.
Eclipse Jetty
7.5
CVSSv3
CVE-2022-2048
In Eclipse Jetty HTTP/2 server implementation, when encountering an invalid HTTP/2 request, the error handling has a bug that can wind up not properly cleaning up the active connections and associated resources. This can lead to a Denial of Service scenario where there are no eno...
Eclipse Jetty
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Snapcenter -
Netapp Hci Compute Node -
Netapp Solidfire \\& Hci Storage Node -
Netapp Element Plug-in For Vcenter Server -
Netapp Management Services For Element Software And Netapp Hci -
Jenkins Jenkins
7.5
CVSSv3
CVE-2022-25647
The package com.google.code.gson:gson prior to 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
Google Gson
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Active Iq Unified Manager -
Oracle Retail Order Broker 18.0
Oracle Retail Order Broker 19.1
Oracle Graalvm 20.3.6
Oracle Graalvm 21.3.2
Oracle Graalvm 22.1.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
7.5
CVSSv3
CVE-2020-36518
jackson-databind prior to 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
Fasterxml Jackson-databind
Oracle Weblogic Server 12.2.1.3.0
Oracle Commerce Platform 11.3.1
Oracle Utilities Framework 4.3.0.5.0
Oracle Utilities Framework 4.3.0.6.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Primavera Unifier 19.12
Oracle Sd-wan Edge 9.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Coherence 14.1.1.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Global Lifecycle Management Nextgen Oui Framework 13.9.4.2.2
Oracle Primavera Unifier 20.12
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Primavera Gateway
Oracle Utilities Framework 4.4.0.3.0
Oracle Sd-wan Edge 9.1
Oracle Commerce Platform 11.3.0
Oracle Commerce Platform 11.3.2
Oracle Primavera Unifier 21.12
4 Github repositories
7.5
CVSSv3
CVE-2021-41040
In Eclipse Wakaama, ever since its inception until 2021-01-14, the CoAP parsing code does not properly sanitize network-received data.
Eclipse Wakaama 1.0
4 Github repositories
7.5
CVSSv3
CVE-2021-41039
In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service.
Eclipse Mosquitto
7.5
CVSSv3
CVE-2020-18735
A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
Eclipse Cyclone Data Distribution Service 0.1.0
7.5
CVSSv3
CVE-2020-18734
A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
Eclipse Cyclone Data Distribution Service 0.1.0
7.5
CVSSv3
CVE-2021-34433
In Eclipse Californium version 2.0.0 to 2.6.4 and 3.0.0-M1 to 3.0.0-M3, the certificate based (x509 and RPK) DTLS handshakes accidentally succeeds without verifying the server side's signature on the client side, if that signature is not included in the server's ServerK...
Eclipse Californium
Eclipse Californium 3.0.0
7.5
CVSSv3
CVE-2021-34432
In Eclipse Mosquitto versions 2.07 and previous versions, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.
Eclipse Mosquitto
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »