Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eclipse eclipse ide vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0740
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a remote code execution vulnerability that does not require authentication. The fixed version is included in Eclipse IDE 2024-03
NA
CVE-2023-4218
In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a foreign repository or patch).
Eclipse Eclipse Ide
Eclipse Pde
Eclipse Org.eclipse.core.runtime
1 Github repository
NA
CVE-2022-24441
The package snyk prior to 1.1064.0 are vulnerable to Code Injection when analyzing a project. An attacker who can convince a user to scan a malicious project can include commands in a build file such as build.gradle or gradle-wrapper.jar, which will be executed with the privilege...
Snyk Snyk Security
Snyk Snyk Language Server
Snyk Snyk Cli
605
VMScore
CVE-2021-34435
In Eclipse Theia 0.3.9 to 1.8.1, the "mini-browser" extension allows a user to preview HTML files in an iframe inside the IDE. But with the way it is made it is possible for a previewed HTML file to trigger an RCE. This exploit only happens if a user previews a maliciou...
Eclipse Theia
409
VMScore
CVE-2020-14368
A flaw was found in Eclipse Che in versions before 7.14.0 that impacts CodeReady Workspaces. When configured with cookies authentication, Theia IDE doesn't properly set the SameSite value, allowing a Cross-Site Request Forgery (CSRF) and consequently allowing a cross-site We...
Eclipse Che
1 Github repository
694
VMScore
CVE-2017-8315
Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and previous versions was found vulnerable to an XML External Entity attack. An attacker can exploit the vulnerability by implementing malicious code on Androidmanifest.xml.
Eclipse Ide 2017.2.5
440
VMScore
CVE-2008-7271
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote malicious users to inject arbitrary web script or HTML via (1) the searchWord parameter to help/advanced/searchView.jsp or (...
Eclipse Eclipse Ide
Eclipse Eclipse Ide 3.3.2
2 EDB exploits
440
VMScore
CVE-2010-4647
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE prior to 3.6.2 allow remote malicious users to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content...
Eclipse Eclipse Ide 3.6
Eclipse Eclipse Ide 3.0
Eclipse Eclipse Ide 3.2
Eclipse Eclipse Ide 2.1.2
Eclipse Eclipse Ide 3.1
Eclipse Eclipse Ide 3.3
Eclipse Eclipse Ide 3.1.2
Eclipse Eclipse Ide 3.4.1
Eclipse Eclipse Ide 2.0
Eclipse Eclipse Ide 2.0.1
Eclipse Eclipse Ide 3.4.2
Eclipse Eclipse Ide 3.3.1
Eclipse Eclipse Ide 3.3.1.1
Eclipse Eclipse Ide 3.5.1
Eclipse Eclipse Ide 2.1.3
Eclipse Eclipse Ide 3.5.2
Eclipse Eclipse Ide 3.0.1
Eclipse Eclipse Ide 2.1
Eclipse Eclipse Ide 2.0.2
Eclipse Eclipse Ide 1.0
Eclipse Eclipse Ide 3.0.2
Eclipse Eclipse Ide 3.2.2
2 EDB exploits
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started